~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,3 +1,4 @@
	1	+// SPDX-License-Identifier: GPL-2.0-or-later
1	2	/* SCTP kernel implementation
2	3	* (C) Copyright IBM Corp. 2001, 2004
3	4	* Copyright (c) 1999-2000 Cisco, Inc.
..	..	@@ -14,22 +15,6 @@
14	15	* Note that the descriptions from the specification are USER level
15	16	* functions--this file is the functions which populate the struct proto
16	17	* for SCTP which is the BOTTOM of the sockets interface.
17		- *
18		- * This SCTP implementation is free software;
19		- * you can redistribute it and/or modify it under the terms of
20		- * the GNU General Public License as published by
21		- * the Free Software Foundation; either version 2, or (at your option)
22		- * any later version.
23		- *
24		- * This SCTP implementation is distributed in the hope that it
25		- * will be useful, but WITHOUT ANY WARRANTY; without even the implied
26		- * ************************
27		- * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
28		- * See the GNU General Public License for more details.
29		- *
30		- * You should have received a copy of the GNU General Public License
31		- * along with GNU CC; see the file COPYING. If not, see
32		- * <http://www.gnu.org/licenses/>.
33	18	*
34	19	* Please send any bug reports or fixes you make to the
35	20	* email address(es):
..	..	@@ -102,9 +87,9 @@
102	87	struct sctp_chunk *chunk);
103	88	static int sctp_do_bind(struct sock , union sctp_addr , int);
104	89	static int sctp_autobind(struct sock *sk);
105		-static void sctp_sock_migrate(struct sock oldsk, struct sock newsk,
106		- struct sctp_association *assoc,
107		- enum sctp_socket_type type);
	90	+static int sctp_sock_migrate(struct sock oldsk, struct sock newsk,
	91	+ struct sctp_association *assoc,
	92	+ enum sctp_socket_type type);
108	93
109	94	static unsigned long sctp_memory_pressure;
110	95	static atomic_long_t sctp_memory_allocated;
..	..	@@ -151,12 +136,9 @@
151	136	/* Save the chunk pointer in skb for sctp_wfree to use later. */
152	137	skb_shinfo(chunk->skb)->destructor_arg = chunk;
153	138
154		- asoc->sndbuf_used += SCTP_DATA_SNDSIZE(chunk) +
155		- sizeof(struct sk_buff) +
156		- sizeof(struct sctp_chunk);
157		-
158	139	refcount_add(sizeof(struct sctp_chunk), &sk->sk_wmem_alloc);
159		- sk->sk_wmem_queued += chunk->skb->truesize;
	140	+ asoc->sndbuf_used += chunk->skb->truesize + sizeof(struct sctp_chunk);
	141	+ sk->sk_wmem_queued += chunk->skb->truesize + sizeof(struct sctp_chunk);
160	142	sk_mem_charge(sk, chunk->skb->truesize);
161	143	}
162	144
..	..	@@ -266,7 +248,7 @@
266	248	}
267	249
268	250	/* Otherwise this is a UDP-style socket. */
269		- if (!id \|\| (id == (sctp_assoc_t)-1))
	251	+ if (id <= SCTP_ALL_ASSOC)
270	252	return NULL;
271	253
272	254	spin_lock_bh(&sctp_assocs_id_lock);
..	..	@@ -342,7 +324,7 @@
342	324	return retval;
343	325	}
344	326
345		-static long sctp_get_port_local(struct sock , union sctp_addr );
	327	+static int sctp_get_port_local(struct sock , union sctp_addr );
346	328
347	329	/* Verify this is a valid sockaddr. */
348	330	static struct sctp_af sctp_sockaddr_af(struct sctp_sock opt,
..	..	@@ -429,7 +411,10 @@
429	411	}
430	412	}
431	413
432		- if (snum && snum < inet_prot_sock(net) &&
	414	+ if (snum && inet_is_local_unbindable_port(net, snum))
	415	+ return -EPERM;
	416	+
	417	+ if (snum && inet_port_requires_bind_service(net, snum) &&
433	418	!ns_capable(net->user_ns, CAP_NET_BIND_SERVICE))
434	419	return -EACCES;
435	420
..	..	@@ -444,9 +429,8 @@
444	429	* detection.
445	430	*/
446	431	addr->v4.sin_port = htons(snum);
447		- if ((ret = sctp_get_port_local(sk, addr))) {
	432	+ if (sctp_get_port_local(sk, addr))
448	433	return -EADDRINUSE;
449		- }
450	434
451	435	/* Refresh ephemeral port. */
452	436	if (!bp->port) {
..	..	@@ -460,11 +444,13 @@
460	444	ret = sctp_add_bind_addr(bp, addr, af->sockaddr_len,
461	445	SCTP_ADDR_SRC, GFP_ATOMIC);
462	446
463		- /* Copy back into socket for getsockname() use. */
464		- if (!ret) {
465		- inet_sk(sk)->inet_sport = htons(inet_sk(sk)->inet_num);
466		- sp->pf->to_sk_saddr(addr, sk);
	447	+ if (ret) {
	448	+ sctp_put_port(sk);
	449	+ return ret;
467	450	}
	451	+ /* Copy back into socket for getsockname() use. */
	452	+ inet_sk(sk)->inet_sport = htons(inet_sk(sk)->inet_num);
	453	+ sp->pf->to_sk_saddr(addr, sk);
468	454
469	455	return ret;
470	456	}
..	..	@@ -482,8 +468,7 @@
482	468	static int sctp_send_asconf(struct sctp_association *asoc,
483	469	struct sctp_chunk *chunk)
484	470	{
485		- struct net *net = sock_net(asoc->base.sk);
486		- int retval = 0;
	471	+ int retval = 0;
487	472
488	473	/* If there is an outstanding ASCONF chunk, queue it for later
489	474	* transmission.
..	..	@@ -495,7 +480,7 @@
495	480
496	481	/* Hold the chunk until an ASCONF_ACK is received. */
497	482	sctp_chunk_hold(chunk);
498		- retval = sctp_primitive_ASCONF(net, asoc, chunk);
	483	+ retval = sctp_primitive_ASCONF(asoc->base.net, asoc, chunk);
499	484	if (retval)
500	485	sctp_chunk_free(chunk);
501	486	else
..	..	@@ -571,7 +556,6 @@
571	556	struct sockaddr *addrs,
572	557	int addrcnt)
573	558	{
574		- struct net *net = sock_net(sk);
575	559	struct sctp_sock *sp;
576	560	struct sctp_endpoint *ep;
577	561	struct sctp_association *asoc;
..	..	@@ -586,11 +570,11 @@
586	570	int i;
587	571	int retval = 0;
588	572
589		- if (!net->sctp.addip_enable)
590		- return retval;
591		-
592	573	sp = sctp_sk(sk);
593	574	ep = sp->ep;
	575	+
	576	+ if (!ep->asconf_enable)
	577	+ return retval;
594	578
595	579	pr_debug("%s: sk:%p, addrs:%p, addrcnt:%d\n",
596	580	__func__, sk, addrs, addrcnt);
..	..	@@ -774,7 +758,6 @@
774	758	struct sockaddr *addrs,
775	759	int addrcnt)
776	760	{
777		- struct net *net = sock_net(sk);
778	761	struct sctp_sock *sp;
779	762	struct sctp_endpoint *ep;
780	763	struct sctp_association *asoc;
..	..	@@ -790,11 +773,11 @@
790	773	int stored = 0;
791	774
792	775	chunk = NULL;
793		- if (!net->sctp.addip_enable)
794		- return retval;
795		-
796	776	sp = sctp_sk(sk);
797	777	ep = sp->ep;
	778	+
	779	+ if (!ep->asconf_enable)
	780	+ return retval;
798	781
799	782	pr_debug("%s: sk:%p, addrs:%p, addrcnt:%d\n",
800	783	__func__, sk, addrs, addrcnt);
..	..	@@ -1006,42 +989,33 @@
1006	989	* it.
1007	990	*
1008	991	* sk The sk of the socket
1009		- * addrs The pointer to the addresses in user land
	992	+ * addrs The pointer to the addresses
1010	993	* addrssize Size of the addrs buffer
1011	994	* op Operation to perform (add or remove, see the flags of
1012	995	* sctp_bindx)
1013	996	*
1014	997	* Returns 0 if ok, <0 errno code on error.
1015	998	*/
1016		-static int sctp_setsockopt_bindx(struct sock *sk,
1017		- struct sockaddr __user *addrs,
	999	+static int sctp_setsockopt_bindx(struct sock sk, struct sockaddr addrs,
1018	1000	int addrs_size, int op)
1019	1001	{
1020		- struct sockaddr *kaddrs;
1021	1002	int err;
1022	1003	int addrcnt = 0;
1023	1004	int walk_size = 0;
1024	1005	struct sockaddr *sa_addr;
1025		- void *addr_buf;
	1006	+ void *addr_buf = addrs;
1026	1007	struct sctp_af *af;
1027	1008
1028	1009	pr_debug("%s: sk:%p addrs:%p addrs_size:%d opt:%d\n",
1029		- __func__, sk, addrs, addrs_size, op);
	1010	+ __func__, sk, addr_buf, addrs_size, op);
1030	1011
1031	1012	if (unlikely(addrs_size <= 0))
1032	1013	return -EINVAL;
1033	1014
1034		- kaddrs = memdup_user(addrs, addrs_size);
1035		- if (unlikely(IS_ERR(kaddrs)))
1036		- return PTR_ERR(kaddrs);
1037		-
1038	1015	/* Walk through the addrs buffer and count the number of addresses. */
1039		- addr_buf = kaddrs;
1040	1016	while (walk_size < addrs_size) {
1041		- if (walk_size + sizeof(sa_family_t) > addrs_size) {
1042		- kfree(kaddrs);
	1017	+ if (walk_size + sizeof(sa_family_t) > addrs_size)
1043	1018	return -EINVAL;
1044		- }
1045	1019
1046	1020	sa_addr = addr_buf;
1047	1021	af = sctp_get_af_specific(sa_addr->sa_family);
..	..	@@ -1049,10 +1023,8 @@
1049	1023	/* If the address family is not supported or if this address
1050	1024	* causes the address buffer to overflow return EINVAL.
1051	1025	*/
1052		- if (!af \|\| (walk_size + af->sockaddr_len) > addrs_size) {
1053		- kfree(kaddrs);
	1026	+ if (!af \|\| (walk_size + af->sockaddr_len) > addrs_size)
1054	1027	return -EINVAL;
1055		- }
1056	1028	addrcnt++;
1057	1029	addr_buf += af->sockaddr_len;
1058	1030	walk_size += af->sockaddr_len;
..	..	@@ -1063,32 +1035,129 @@
1063	1035	case SCTP_BINDX_ADD_ADDR:
1064	1036	/* Allow security module to validate bindx addresses. */
1065	1037	err = security_sctp_bind_connect(sk, SCTP_SOCKOPT_BINDX_ADD,
1066		- (struct sockaddr *)kaddrs,
1067		- addrs_size);
	1038	+ addrs, addrs_size);
1068	1039	if (err)
1069		- goto out;
1070		- err = sctp_bindx_add(sk, kaddrs, addrcnt);
	1040	+ return err;
	1041	+ err = sctp_bindx_add(sk, addrs, addrcnt);
1071	1042	if (err)
1072		- goto out;
1073		- err = sctp_send_asconf_add_ip(sk, kaddrs, addrcnt);
1074		- break;
1075		-
	1043	+ return err;
	1044	+ return sctp_send_asconf_add_ip(sk, addrs, addrcnt);
1076	1045	case SCTP_BINDX_REM_ADDR:
1077		- err = sctp_bindx_rem(sk, kaddrs, addrcnt);
	1046	+ err = sctp_bindx_rem(sk, addrs, addrcnt);
1078	1047	if (err)
1079		- goto out;
1080		- err = sctp_send_asconf_del_ip(sk, kaddrs, addrcnt);
1081		- break;
	1048	+ return err;
	1049	+ return sctp_send_asconf_del_ip(sk, addrs, addrcnt);
1082	1050
1083	1051	default:
1084		- err = -EINVAL;
1085		- break;
	1052	+ return -EINVAL;
	1053	+ }
	1054	+}
	1055	+
	1056	+static int sctp_bind_add(struct sock sk, struct sockaddr addrs,
	1057	+ int addrlen)
	1058	+{
	1059	+ int err;
	1060	+
	1061	+ lock_sock(sk);
	1062	+ err = sctp_setsockopt_bindx(sk, addrs, addrlen, SCTP_BINDX_ADD_ADDR);
	1063	+ release_sock(sk);
	1064	+ return err;
	1065	+}
	1066	+
	1067	+static int sctp_connect_new_asoc(struct sctp_endpoint *ep,
	1068	+ const union sctp_addr *daddr,
	1069	+ const struct sctp_initmsg *init,
	1070	+ struct sctp_transport **tp)
	1071	+{
	1072	+ struct sctp_association *asoc;
	1073	+ struct sock *sk = ep->base.sk;
	1074	+ struct net *net = sock_net(sk);
	1075	+ enum sctp_scope scope;
	1076	+ int err;
	1077	+
	1078	+ if (sctp_endpoint_is_peeled_off(ep, daddr))
	1079	+ return -EADDRNOTAVAIL;
	1080	+
	1081	+ if (!ep->base.bind_addr.port) {
	1082	+ if (sctp_autobind(sk))
	1083	+ return -EAGAIN;
	1084	+ } else {
	1085	+ if (inet_is_local_unbindable_port(net, ep->base.bind_addr.port))
	1086	+ return -EPERM;
	1087	+ if (inet_port_requires_bind_service(net, ep->base.bind_addr.port) &&
	1088	+ !ns_capable(net->user_ns, CAP_NET_BIND_SERVICE))
	1089	+ return -EACCES;
1086	1090	}
1087	1091
1088		-out:
1089		- kfree(kaddrs);
	1092	+ scope = sctp_scope(daddr);
	1093	+ asoc = sctp_association_new(ep, sk, scope, GFP_KERNEL);
	1094	+ if (!asoc)
	1095	+ return -ENOMEM;
1090	1096
	1097	+ err = sctp_assoc_set_bind_addr_from_ep(asoc, scope, GFP_KERNEL);
	1098	+ if (err < 0)
	1099	+ goto free;
	1100	+
	1101	+ *tp = sctp_assoc_add_peer(asoc, daddr, GFP_KERNEL, SCTP_UNKNOWN);
	1102	+ if (!*tp) {
	1103	+ err = -ENOMEM;
	1104	+ goto free;
	1105	+ }
	1106	+
	1107	+ if (!init)
	1108	+ return 0;
	1109	+
	1110	+ if (init->sinit_num_ostreams) {
	1111	+ __u16 outcnt = init->sinit_num_ostreams;
	1112	+
	1113	+ asoc->c.sinit_num_ostreams = outcnt;
	1114	+ /* outcnt has been changed, need to re-init stream */
	1115	+ err = sctp_stream_init(&asoc->stream, outcnt, 0, GFP_KERNEL);
	1116	+ if (err)
	1117	+ goto free;
	1118	+ }
	1119	+
	1120	+ if (init->sinit_max_instreams)
	1121	+ asoc->c.sinit_max_instreams = init->sinit_max_instreams;
	1122	+
	1123	+ if (init->sinit_max_attempts)
	1124	+ asoc->max_init_attempts = init->sinit_max_attempts;
	1125	+
	1126	+ if (init->sinit_max_init_timeo)
	1127	+ asoc->max_init_timeo =
	1128	+ msecs_to_jiffies(init->sinit_max_init_timeo);
	1129	+
	1130	+ return 0;
	1131	+free:
	1132	+ sctp_association_free(asoc);
1091	1133	return err;
	1134	+}
	1135	+
	1136	+static int sctp_connect_add_peer(struct sctp_association *asoc,
	1137	+ union sctp_addr *daddr, int addr_len)
	1138	+{
	1139	+ struct sctp_endpoint *ep = asoc->ep;
	1140	+ struct sctp_association *old;
	1141	+ struct sctp_transport *t;
	1142	+ int err;
	1143	+
	1144	+ err = sctp_verify_addr(ep->base.sk, daddr, addr_len);
	1145	+ if (err)
	1146	+ return err;
	1147	+
	1148	+ old = sctp_endpoint_lookup_assoc(ep, daddr, &t);
	1149	+ if (old && old != asoc)
	1150	+ return old->state >= SCTP_STATE_ESTABLISHED ? -EISCONN
	1151	+ : -EALREADY;
	1152	+
	1153	+ if (sctp_endpoint_is_peeled_off(ep, daddr))
	1154	+ return -EADDRNOTAVAIL;
	1155	+
	1156	+ t = sctp_assoc_add_peer(asoc, daddr, GFP_KERNEL, SCTP_UNKNOWN);
	1157	+ if (!t)
	1158	+ return -ENOMEM;
	1159	+
	1160	+ return 0;
1092	1161	}
1093	1162
1094	1163	/* __sctp_connect(struct sock* sk, struct sockaddr *kaddrs, int addrs_size)
..	..	@@ -1096,153 +1165,62 @@
1096	1165	* Common routine for handling connect() and sctp_connectx().
1097	1166	* Connect will come in with just a single address.
1098	1167	*/
1099		-static int __sctp_connect(struct sock *sk,
1100		- struct sockaddr *kaddrs,
1101		- int addrs_size, int flags,
1102		- sctp_assoc_t *assoc_id)
	1168	+static int __sctp_connect(struct sock sk, struct sockaddr kaddrs,
	1169	+ int addrs_size, int flags, sctp_assoc_t *assoc_id)
1103	1170	{
1104		- struct net *net = sock_net(sk);
1105		- struct sctp_sock *sp;
1106		- struct sctp_endpoint *ep;
1107		- struct sctp_association *asoc = NULL;
1108		- struct sctp_association *asoc2;
	1171	+ struct sctp_sock *sp = sctp_sk(sk);
	1172	+ struct sctp_endpoint *ep = sp->ep;
1109	1173	struct sctp_transport *transport;
1110		- union sctp_addr to;
1111		- enum sctp_scope scope;
	1174	+ struct sctp_association *asoc;
	1175	+ void *addr_buf = kaddrs;
	1176	+ union sctp_addr *daddr;
	1177	+ struct sctp_af *af;
	1178	+ int walk_size, err;
1112	1179	long timeo;
1113		- int err = 0;
1114		- int addrcnt = 0;
1115		- int walk_size = 0;
1116		- union sctp_addr *sa_addr = NULL;
1117		- void *addr_buf;
1118		- unsigned short port;
1119	1180
1120		- sp = sctp_sk(sk);
1121		- ep = sp->ep;
1122		-
1123		- /* connect() cannot be done on a socket that is already in ESTABLISHED
1124		- * state - UDP-style peeled off socket or a TCP-style socket that
1125		- * is already connected.
1126		- * It cannot be done even on a TCP-style listening socket.
1127		- */
1128	1181	if (sctp_sstate(sk, ESTABLISHED) \|\| sctp_sstate(sk, CLOSING) \|\|
1129		- (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING))) {
1130		- err = -EISCONN;
1131		- goto out_free;
1132		- }
	1182	+ (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING)))
	1183	+ return -EISCONN;
1133	1184
1134		- /* Walk through the addrs buffer and count the number of addresses. */
1135		- addr_buf = kaddrs;
	1185	+ daddr = addr_buf;
	1186	+ af = sctp_get_af_specific(daddr->sa.sa_family);
	1187	+ if (!af \|\| af->sockaddr_len > addrs_size)
	1188	+ return -EINVAL;
	1189	+
	1190	+ err = sctp_verify_addr(sk, daddr, af->sockaddr_len);
	1191	+ if (err)
	1192	+ return err;
	1193	+
	1194	+ asoc = sctp_endpoint_lookup_assoc(ep, daddr, &transport);
	1195	+ if (asoc)
	1196	+ return asoc->state >= SCTP_STATE_ESTABLISHED ? -EISCONN
	1197	+ : -EALREADY;
	1198	+
	1199	+ err = sctp_connect_new_asoc(ep, daddr, NULL, &transport);
	1200	+ if (err)
	1201	+ return err;
	1202	+ asoc = transport->asoc;
	1203	+
	1204	+ addr_buf += af->sockaddr_len;
	1205	+ walk_size = af->sockaddr_len;
1136	1206	while (walk_size < addrs_size) {
1137		- struct sctp_af *af;
1138		-
1139		- if (walk_size + sizeof(sa_family_t) > addrs_size) {
1140		- err = -EINVAL;
	1207	+ err = -EINVAL;
	1208	+ if (walk_size + sizeof(sa_family_t) > addrs_size)
1141	1209	goto out_free;
1142		- }
1143	1210
1144		- sa_addr = addr_buf;
1145		- af = sctp_get_af_specific(sa_addr->sa.sa_family);
1146		-
1147		- /* If the address family is not supported or if this address
1148		- * causes the address buffer to overflow return EINVAL.
1149		- */
1150		- if (!af \|\| (walk_size + af->sockaddr_len) > addrs_size) {
1151		- err = -EINVAL;
	1211	+ daddr = addr_buf;
	1212	+ af = sctp_get_af_specific(daddr->sa.sa_family);
	1213	+ if (!af \|\| af->sockaddr_len + walk_size > addrs_size)
1152	1214	goto out_free;
1153		- }
1154	1215
1155		- port = ntohs(sa_addr->v4.sin_port);
	1216	+ if (asoc->peer.port != ntohs(daddr->v4.sin_port))
	1217	+ goto out_free;
1156	1218
1157		- /* Save current address so we can work with it */
1158		- memcpy(&to, sa_addr, af->sockaddr_len);
1159		-
1160		- err = sctp_verify_addr(sk, &to, af->sockaddr_len);
	1219	+ err = sctp_connect_add_peer(asoc, daddr, af->sockaddr_len);
1161	1220	if (err)
1162	1221	goto out_free;
1163	1222
1164		- /* Make sure the destination port is correctly set
1165		- * in all addresses.
1166		- */
1167		- if (asoc && asoc->peer.port && asoc->peer.port != port) {
1168		- err = -EINVAL;
1169		- goto out_free;
1170		- }
1171		-
1172		- /* Check if there already is a matching association on the
1173		- * endpoint (other than the one created here).
1174		- */
1175		- asoc2 = sctp_endpoint_lookup_assoc(ep, &to, &transport);
1176		- if (asoc2 && asoc2 != asoc) {
1177		- if (asoc2->state >= SCTP_STATE_ESTABLISHED)
1178		- err = -EISCONN;
1179		- else
1180		- err = -EALREADY;
1181		- goto out_free;
1182		- }
1183		-
1184		- /* If we could not find a matching association on the endpoint,
1185		- * make sure that there is no peeled-off association matching
1186		- * the peer address even on another socket.
1187		- */
1188		- if (sctp_endpoint_is_peeled_off(ep, &to)) {
1189		- err = -EADDRNOTAVAIL;
1190		- goto out_free;
1191		- }
1192		-
1193		- if (!asoc) {
1194		- /* If a bind() or sctp_bindx() is not called prior to
1195		- * an sctp_connectx() call, the system picks an
1196		- * ephemeral port and will choose an address set
1197		- * equivalent to binding with a wildcard address.
1198		- */
1199		- if (!ep->base.bind_addr.port) {
1200		- if (sctp_autobind(sk)) {
1201		- err = -EAGAIN;
1202		- goto out_free;
1203		- }
1204		- } else {
1205		- /*
1206		- * If an unprivileged user inherits a 1-many
1207		- * style socket with open associations on a
1208		- * privileged port, it MAY be permitted to
1209		- * accept new associations, but it SHOULD NOT
1210		- * be permitted to open new associations.
1211		- */
1212		- if (ep->base.bind_addr.port <
1213		- inet_prot_sock(net) &&
1214		- !ns_capable(net->user_ns,
1215		- CAP_NET_BIND_SERVICE)) {
1216		- err = -EACCES;
1217		- goto out_free;
1218		- }
1219		- }
1220		-
1221		- scope = sctp_scope(&to);
1222		- asoc = sctp_association_new(ep, sk, scope, GFP_KERNEL);
1223		- if (!asoc) {
1224		- err = -ENOMEM;
1225		- goto out_free;
1226		- }
1227		-
1228		- err = sctp_assoc_set_bind_addr_from_ep(asoc, scope,
1229		- GFP_KERNEL);
1230		- if (err < 0) {
1231		- goto out_free;
1232		- }
1233		-
1234		- }
1235		-
1236		- /* Prime the peer's transport structures. */
1237		- transport = sctp_assoc_add_peer(asoc, &to, GFP_KERNEL,
1238		- SCTP_UNKNOWN);
1239		- if (!transport) {
1240		- err = -ENOMEM;
1241		- goto out_free;
1242		- }
1243		-
1244		- addrcnt++;
1245		- addr_buf += af->sockaddr_len;
	1223	+ addr_buf += af->sockaddr_len;
1246	1224	walk_size += af->sockaddr_len;
1247	1225	}
1248	1226
..	..	@@ -1255,40 +1233,25 @@
1255	1233	goto out_free;
1256	1234	}
1257	1235
1258		- err = sctp_primitive_ASSOCIATE(net, asoc, NULL);
1259		- if (err < 0) {
	1236	+ err = sctp_primitive_ASSOCIATE(sock_net(sk), asoc, NULL);
	1237	+ if (err < 0)
1260	1238	goto out_free;
1261		- }
1262	1239
1263	1240	/* Initialize sk's dport and daddr for getpeername() */
1264	1241	inet_sk(sk)->inet_dport = htons(asoc->peer.port);
1265		- sp->pf->to_sk_daddr(sa_addr, sk);
	1242	+ sp->pf->to_sk_daddr(daddr, sk);
1266	1243	sk->sk_err = 0;
1267		-
1268		- timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);
1269	1244
1270	1245	if (assoc_id)
1271	1246	*assoc_id = asoc->assoc_id;
1272	1247
1273		- err = sctp_wait_for_connect(asoc, &timeo);
1274		- /* Note: the asoc may be freed after the return of
1275		- * sctp_wait_for_connect.
1276		- */
1277		-
1278		- /* Don't free association on exit. */
1279		- asoc = NULL;
	1248	+ timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);
	1249	+ return sctp_wait_for_connect(asoc, &timeo);
1280	1250
1281	1251	out_free:
1282	1252	pr_debug("%s: took out_free path with asoc:%p kaddrs:%p err:%d\n",
1283	1253	__func__, asoc, kaddrs, err);
1284		-
1285		- if (asoc) {
1286		- /* sctp_primitive_ASSOCIATE may have added this association
1287		- * To the hash table, try to unhash it, just in case, its a noop
1288		- * if it wasn't hashed so we're safe
1289		- */
1290		- sctp_association_free(asoc);
1291		- }
	1254	+ sctp_association_free(asoc);
1292	1255	return err;
1293	1256	}
1294	1257
..	..	@@ -1342,35 +1305,29 @@
1342	1305	* it.
1343	1306	*
1344	1307	* sk The sk of the socket
1345		- * addrs The pointer to the addresses in user land
	1308	+ * addrs The pointer to the addresses
1346	1309	* addrssize Size of the addrs buffer
1347	1310	*
1348	1311	* Returns >=0 if ok, <0 errno code on error.
1349	1312	*/
1350		-static int __sctp_setsockopt_connectx(struct sock *sk,
1351		- struct sockaddr __user *addrs,
1352		- int addrs_size,
1353		- sctp_assoc_t *assoc_id)
	1313	+static int __sctp_setsockopt_connectx(struct sock sk, struct sockaddr kaddrs,
	1314	+ int addrs_size, sctp_assoc_t *assoc_id)
1354	1315	{
1355		- struct sockaddr *kaddrs;
1356	1316	int err = 0, flags = 0;
1357	1317
1358	1318	pr_debug("%s: sk:%p addrs:%p addrs_size:%d\n",
1359		- __func__, sk, addrs, addrs_size);
	1319	+ __func__, sk, kaddrs, addrs_size);
1360	1320
1361		- if (unlikely(addrs_size <= 0))
	1321	+ /* make sure the 1st addr's sa_family is accessible later */
	1322	+ if (unlikely(addrs_size < sizeof(sa_family_t)))
1362	1323	return -EINVAL;
1363		-
1364		- kaddrs = memdup_user(addrs, addrs_size);
1365		- if (unlikely(IS_ERR(kaddrs)))
1366		- return PTR_ERR(kaddrs);
1367	1324
1368	1325	/* Allow security module to validate connectx addresses. */
1369	1326	err = security_sctp_bind_connect(sk, SCTP_SOCKOPT_CONNECTX,
1370	1327	(struct sockaddr *)kaddrs,
1371	1328	addrs_size);
1372	1329	if (err)
1373		- goto out_free;
	1330	+ return err;
1374	1331
1375	1332	/* in-kernel sockets don't generally have a file allocated to them
1376	1333	* if all they do is call sock_create_kern().
..	..	@@ -1378,12 +1335,7 @@
1378	1335	if (sk->sk_socket->file)
1379	1336	flags = sk->sk_socket->file->f_flags;
1380	1337
1381		- err = __sctp_connect(sk, kaddrs, addrs_size, flags, assoc_id);
1382		-
1383		-out_free:
1384		- kfree(kaddrs);
1385		-
1386		- return err;
	1338	+ return __sctp_connect(sk, kaddrs, addrs_size, flags, assoc_id);
1387	1339	}
1388	1340
1389	1341	/*
..	..	@@ -1391,10 +1343,10 @@
1391	1343	* to the option that doesn't provide association id.
1392	1344	*/
1393	1345	static int sctp_setsockopt_connectx_old(struct sock *sk,
1394		- struct sockaddr __user *addrs,
	1346	+ struct sockaddr *kaddrs,
1395	1347	int addrs_size)
1396	1348	{
1397		- return __sctp_setsockopt_connectx(sk, addrs, addrs_size, NULL);
	1349	+ return __sctp_setsockopt_connectx(sk, kaddrs, addrs_size, NULL);
1398	1350	}
1399	1351
1400	1352	/*
..	..	@@ -1404,13 +1356,13 @@
1404	1356	* always positive.
1405	1357	*/
1406	1358	static int sctp_setsockopt_connectx(struct sock *sk,
1407		- struct sockaddr __user *addrs,
	1359	+ struct sockaddr *kaddrs,
1408	1360	int addrs_size)
1409	1361	{
1410	1362	sctp_assoc_t assoc_id = 0;
1411	1363	int err = 0;
1412	1364
1413		- err = __sctp_setsockopt_connectx(sk, addrs, addrs_size, &assoc_id);
	1365	+ err = __sctp_setsockopt_connectx(sk, kaddrs, addrs_size, &assoc_id);
1414	1366
1415	1367	if (err)
1416	1368	return err;
..	..	@@ -1440,6 +1392,7 @@
1440	1392	{
1441	1393	struct sctp_getaddrs_old param;
1442	1394	sctp_assoc_t assoc_id = 0;
	1395	+ struct sockaddr *kaddrs;
1443	1396	int err = 0;
1444	1397
1445	1398	#ifdef CONFIG_COMPAT
..	..	@@ -1463,9 +1416,12 @@
1463	1416	return -EFAULT;
1464	1417	}
1465	1418
1466		- err = __sctp_setsockopt_connectx(sk, (struct sockaddr __user *)
1467		- param.addrs, param.addr_num,
1468		- &assoc_id);
	1419	+ kaddrs = memdup_user(param.addrs, param.addr_num);
	1420	+ if (IS_ERR(kaddrs))
	1421	+ return PTR_ERR(kaddrs);
	1422	+
	1423	+ err = __sctp_setsockopt_connectx(sk, kaddrs, param.addr_num, &assoc_id);
	1424	+ kfree(kaddrs);
1469	1425	if (err == 0 \|\| err == -EINPROGRESS) {
1470	1426	if (copy_to_user(optval, &assoc_id, sizeof(assoc_id)))
1471	1427	return -EFAULT;
..	..	@@ -1706,9 +1662,7 @@
1706	1662	struct sctp_transport **tp)
1707	1663	{
1708	1664	struct sctp_endpoint *ep = sctp_sk(sk)->ep;
1709		- struct net *net = sock_net(sk);
1710	1665	struct sctp_association *asoc;
1711		- enum sctp_scope scope;
1712	1666	struct cmsghdr *cmsg;
1713	1667	__be32 flowinfo = 0;
1714	1668	struct sctp_af *af;
..	..	@@ -1722,20 +1676,6 @@
1722	1676	if (sctp_style(sk, TCP) && (sctp_sstate(sk, ESTABLISHED) \|\|
1723	1677	sctp_sstate(sk, CLOSING)))
1724	1678	return -EADDRNOTAVAIL;
1725		-
1726		- if (sctp_endpoint_is_peeled_off(ep, daddr))
1727		- return -EADDRNOTAVAIL;
1728		-
1729		- if (!ep->base.bind_addr.port) {
1730		- if (sctp_autobind(sk))
1731		- return -EAGAIN;
1732		- } else {
1733		- if (ep->base.bind_addr.port < inet_prot_sock(net) &&
1734		- !ns_capable(net->user_ns, CAP_NET_BIND_SERVICE))
1735		- return -EACCES;
1736		- }
1737		-
1738		- scope = sctp_scope(daddr);
1739	1679
1740	1680	/* Label connection socket for first association 1-to-many
1741	1681	* style for client sequence socket()->sendmsg(). This
..	..	@@ -1752,45 +1692,10 @@
1752	1692	if (err < 0)
1753	1693	return err;
1754	1694
1755		- asoc = sctp_association_new(ep, sk, scope, GFP_KERNEL);
1756		- if (!asoc)
1757		- return -ENOMEM;
1758		-
1759		- if (sctp_assoc_set_bind_addr_from_ep(asoc, scope, GFP_KERNEL) < 0) {
1760		- err = -ENOMEM;
1761		- goto free;
1762		- }
1763		-
1764		- if (cmsgs->init) {
1765		- struct sctp_initmsg *init = cmsgs->init;
1766		-
1767		- if (init->sinit_num_ostreams) {
1768		- __u16 outcnt = init->sinit_num_ostreams;
1769		-
1770		- asoc->c.sinit_num_ostreams = outcnt;
1771		- /* outcnt has been changed, need to re-init stream */
1772		- err = sctp_stream_init(&asoc->stream, outcnt, 0,
1773		- GFP_KERNEL);
1774		- if (err)
1775		- goto free;
1776		- }
1777		-
1778		- if (init->sinit_max_instreams)
1779		- asoc->c.sinit_max_instreams = init->sinit_max_instreams;
1780		-
1781		- if (init->sinit_max_attempts)
1782		- asoc->max_init_attempts = init->sinit_max_attempts;
1783		-
1784		- if (init->sinit_max_init_timeo)
1785		- asoc->max_init_timeo =
1786		- msecs_to_jiffies(init->sinit_max_init_timeo);
1787		- }
1788		-
1789		- *tp = sctp_assoc_add_peer(asoc, daddr, GFP_KERNEL, SCTP_UNKNOWN);
1790		- if (!*tp) {
1791		- err = -ENOMEM;
1792		- goto free;
1793		- }
	1695	+ err = sctp_connect_new_asoc(ep, daddr, cmsgs->init, tp);
	1696	+ if (err)
	1697	+ return err;
	1698	+ asoc = (*tp)->asoc;
1794	1699
1795	1700	if (!cmsgs->addrs_msg)
1796	1701	return 0;
..	..	@@ -1800,8 +1705,6 @@
1800	1705
1801	1706	/* sendv addr list parse */
1802	1707	for_each_cmsghdr(cmsg, cmsgs->addrs_msg) {
1803		- struct sctp_transport *transport;
1804		- struct sctp_association *old;
1805	1708	union sctp_addr _daddr;
1806	1709	int dlen;
1807	1710
..	..	@@ -1835,30 +1738,10 @@
1835	1738	daddr->v6.sin6_port = htons(asoc->peer.port);
1836	1739	memcpy(&daddr->v6.sin6_addr, CMSG_DATA(cmsg), dlen);
1837	1740	}
1838		- err = sctp_verify_addr(sk, daddr, sizeof(*daddr));
	1741	+
	1742	+ err = sctp_connect_add_peer(asoc, daddr, sizeof(*daddr));
1839	1743	if (err)
1840	1744	goto free;
1841		-
1842		- old = sctp_endpoint_lookup_assoc(ep, daddr, &transport);
1843		- if (old && old != asoc) {
1844		- if (old->state >= SCTP_STATE_ESTABLISHED)
1845		- err = -EISCONN;
1846		- else
1847		- err = -EALREADY;
1848		- goto free;
1849		- }
1850		-
1851		- if (sctp_endpoint_is_peeled_off(ep, daddr)) {
1852		- err = -EADDRNOTAVAIL;
1853		- goto free;
1854		- }
1855		-
1856		- transport = sctp_assoc_add_peer(asoc, daddr, GFP_KERNEL,
1857		- SCTP_UNKNOWN);
1858		- if (!transport) {
1859		- err = -ENOMEM;
1860		- goto free;
1861		- }
1862	1745	}
1863	1746
1864	1747	return 0;
..	..	@@ -1960,7 +1843,7 @@
1960	1843	if (err)
1961	1844	goto err;
1962	1845
1963		- if (sp->strm_interleave) {
	1846	+ if (asoc->ep->intl_enable) {
1964	1847	timeo = sock_sndtimeo(sk, 0);
1965	1848	err = sctp_wait_for_connect(asoc, &timeo);
1966	1849	if (err) {
..	..	@@ -2266,7 +2149,7 @@
2266	2149	if (sp->recvrcvinfo)
2267	2150	sctp_ulpevent_read_rcvinfo(event, msg);
2268	2151	/* Check if we allow SCTP_SNDRCVINFO. */
2269		- if (sp->subscribe.sctp_data_io_event)
	2152	+ if (sctp_ulpevent_type_enabled(sp->subscribe, SCTP_DATA_IO_EVENT))
2270	2153	sctp_ulpevent_read_sndrcvinfo(event, msg);
2271	2154
2272	2155	err = copied;
..	..	@@ -2320,42 +2203,40 @@
2320	2203	* exceeds the current PMTU size, the message will NOT be sent and
2321	2204	* instead a error will be indicated to the user.
2322	2205	*/
2323		-static int sctp_setsockopt_disable_fragments(struct sock *sk,
2324		- char __user *optval,
	2206	+static int sctp_setsockopt_disable_fragments(struct sock sk, int val,
2325	2207	unsigned int optlen)
2326	2208	{
2327		- int val;
2328		-
2329	2209	if (optlen < sizeof(int))
2330	2210	return -EINVAL;
2331		-
2332		- if (get_user(val, (int __user *)optval))
2333		- return -EFAULT;
2334		-
2335		- sctp_sk(sk)->disable_fragments = (val == 0) ? 0 : 1;
2336		-
	2211	+ sctp_sk(sk)->disable_fragments = (*val == 0) ? 0 : 1;
2337	2212	return 0;
2338	2213	}
2339	2214
2340		-static int sctp_setsockopt_events(struct sock sk, char __user optval,
	2215	+static int sctp_setsockopt_events(struct sock sk, __u8 sn_type,
2341	2216	unsigned int optlen)
2342	2217	{
	2218	+ struct sctp_sock *sp = sctp_sk(sk);
2343	2219	struct sctp_association *asoc;
2344		- struct sctp_ulpevent *event;
	2220	+ int i;
2345	2221
2346	2222	if (optlen > sizeof(struct sctp_event_subscribe))
2347	2223	return -EINVAL;
2348		- if (copy_from_user(&sctp_sk(sk)->subscribe, optval, optlen))
2349		- return -EFAULT;
	2224	+
	2225	+ for (i = 0; i < optlen; i++)
	2226	+ sctp_ulpevent_type_set(&sp->subscribe, SCTP_SN_TYPE_BASE + i,
	2227	+ sn_type[i]);
	2228	+
	2229	+ list_for_each_entry(asoc, &sp->ep->asocs, asocs)
	2230	+ asoc->subscribe = sctp_sk(sk)->subscribe;
2350	2231
2351	2232	/* At the time when a user app subscribes to SCTP_SENDER_DRY_EVENT,
2352	2233	* if there is no data to be sent or retransmit, the stack will
2353	2234	* immediately send up this notification.
2354	2235	*/
2355		- if (sctp_ulpevent_type_enabled(SCTP_SENDER_DRY_EVENT,
2356		- &sctp_sk(sk)->subscribe)) {
2357		- asoc = sctp_id2assoc(sk, 0);
	2236	+ if (sctp_ulpevent_type_enabled(sp->subscribe, SCTP_SENDER_DRY_EVENT)) {
	2237	+ struct sctp_ulpevent *event;
2358	2238
	2239	+ asoc = sctp_id2assoc(sk, 0);
2359	2240	if (asoc && sctp_outq_is_empty(&asoc->outqueue)) {
2360	2241	event = sctp_ulpevent_make_sender_dry_event(asoc,
2361	2242	GFP_USER \| __GFP_NOWARN);
..	..	@@ -2380,7 +2261,7 @@
2380	2261	* integer defining the number of seconds of idle time before an
2381	2262	* association is closed.
2382	2263	*/
2383		-static int sctp_setsockopt_autoclose(struct sock sk, char __user optval,
	2264	+static int sctp_setsockopt_autoclose(struct sock sk, u32 optval,
2384	2265	unsigned int optlen)
2385	2266	{
2386	2267	struct sctp_sock *sp = sctp_sk(sk);
..	..	@@ -2391,9 +2272,8 @@
2391	2272	return -EOPNOTSUPP;
2392	2273	if (optlen != sizeof(int))
2393	2274	return -EINVAL;
2394		- if (copy_from_user(&sp->autoclose, optval, optlen))
2395		- return -EFAULT;
2396	2275
	2276	+ sp->autoclose = *optval;
2397	2277	if (sp->autoclose > net->sctp.max_autoclose)
2398	2278	sp->autoclose = net->sctp.max_autoclose;
2399	2279
..	..	@@ -2549,9 +2429,8 @@
2549	2429	int error;
2550	2430
2551	2431	if (params->spp_flags & SPP_HB_DEMAND && trans) {
2552		- struct net *net = sock_net(trans->asoc->base.sk);
2553		-
2554		- error = sctp_primitive_REQUESTHEARTBEAT(net, trans->asoc, trans);
	2432	+ error = sctp_primitive_REQUESTHEARTBEAT(trans->asoc->base.net,
	2433	+ trans->asoc, trans);
2555	2434	if (error)
2556	2435	return error;
2557	2436	}
..	..	@@ -2729,68 +2608,63 @@
2729	2608	}
2730	2609
2731	2610	static int sctp_setsockopt_peer_addr_params(struct sock *sk,
2732		- char __user *optval,
	2611	+ struct sctp_paddrparams *params,
2733	2612	unsigned int optlen)
2734	2613	{
2735		- struct sctp_paddrparams params;
2736	2614	struct sctp_transport *trans = NULL;
2737	2615	struct sctp_association *asoc = NULL;
2738	2616	struct sctp_sock *sp = sctp_sk(sk);
2739	2617	int error;
2740	2618	int hb_change, pmtud_change, sackdelay_change;
2741	2619
2742		- if (optlen == sizeof(params)) {
2743		- if (copy_from_user(&params, optval, optlen))
2744		- return -EFAULT;
2745		- } else if (optlen == ALIGN(offsetof(struct sctp_paddrparams,
	2620	+ if (optlen == ALIGN(offsetof(struct sctp_paddrparams,
2746	2621	spp_ipv6_flowlabel), 4)) {
2747		- if (copy_from_user(&params, optval, optlen))
2748		- return -EFAULT;
2749		- if (params.spp_flags & (SPP_DSCP \| SPP_IPV6_FLOWLABEL))
	2622	+ if (params->spp_flags & (SPP_DSCP \| SPP_IPV6_FLOWLABEL))
2750	2623	return -EINVAL;
2751		- } else {
	2624	+ } else if (optlen != sizeof(*params)) {
2752	2625	return -EINVAL;
2753	2626	}
2754	2627
2755	2628	/* Validate flags and value parameters. */
2756		- hb_change = params.spp_flags & SPP_HB;
2757		- pmtud_change = params.spp_flags & SPP_PMTUD;
2758		- sackdelay_change = params.spp_flags & SPP_SACKDELAY;
	2629	+ hb_change = params->spp_flags & SPP_HB;
	2630	+ pmtud_change = params->spp_flags & SPP_PMTUD;
	2631	+ sackdelay_change = params->spp_flags & SPP_SACKDELAY;
2759	2632
2760	2633	if (hb_change == SPP_HB \|\|
2761	2634	pmtud_change == SPP_PMTUD \|\|
2762	2635	sackdelay_change == SPP_SACKDELAY \|\|
2763		- params.spp_sackdelay > 500 \|\|
2764		- (params.spp_pathmtu &&
2765		- params.spp_pathmtu < SCTP_DEFAULT_MINSEGMENT))
	2636	+ params->spp_sackdelay > 500 \|\|
	2637	+ (params->spp_pathmtu &&
	2638	+ params->spp_pathmtu < SCTP_DEFAULT_MINSEGMENT))
2766	2639	return -EINVAL;
2767	2640
2768	2641	/* If an address other than INADDR_ANY is specified, and
2769	2642	* no transport is found, then the request is invalid.
2770	2643	*/
2771		- if (!sctp_is_any(sk, (union sctp_addr *)&params.spp_address)) {
2772		- trans = sctp_addr_id2transport(sk, &params.spp_address,
2773		- params.spp_assoc_id);
	2644	+ if (!sctp_is_any(sk, (union sctp_addr *)&params->spp_address)) {
	2645	+ trans = sctp_addr_id2transport(sk, &params->spp_address,
	2646	+ params->spp_assoc_id);
2774	2647	if (!trans)
2775	2648	return -EINVAL;
2776	2649	}
2777	2650
2778		- /* Get association, if assoc_id != 0 and the socket is a one
2779		- * to many style socket, and an association was not found, then
2780		- * the id was invalid.
	2651	+ /* Get association, if assoc_id != SCTP_FUTURE_ASSOC and the
	2652	+ * socket is a one to many style socket, and an association
	2653	+ * was not found, then the id was invalid.
2781	2654	*/
2782		- asoc = sctp_id2assoc(sk, params.spp_assoc_id);
2783		- if (!asoc && params.spp_assoc_id && sctp_style(sk, UDP))
	2655	+ asoc = sctp_id2assoc(sk, params->spp_assoc_id);
	2656	+ if (!asoc && params->spp_assoc_id != SCTP_FUTURE_ASSOC &&
	2657	+ sctp_style(sk, UDP))
2784	2658	return -EINVAL;
2785	2659
2786	2660	/* Heartbeat demand can only be sent on a transport or
2787	2661	* association, but not a socket.
2788	2662	*/
2789		- if (params.spp_flags & SPP_HB_DEMAND && !trans && !asoc)
	2663	+ if (params->spp_flags & SPP_HB_DEMAND && !trans && !asoc)
2790	2664	return -EINVAL;
2791	2665
2792	2666	/* Process parameters. */
2793		- error = sctp_apply_peer_addr_params(&params, trans, asoc, sp,
	2667	+ error = sctp_apply_peer_addr_params(params, trans, asoc, sp,
2794	2668	hb_change, pmtud_change,
2795	2669	sackdelay_change);
2796	2670
..	..	@@ -2803,7 +2677,7 @@
2803	2677	if (!trans && asoc) {
2804	2678	list_for_each_entry(trans, &asoc->peer.transport_addr_list,
2805	2679	transports) {
2806		- sctp_apply_peer_addr_params(&params, trans, asoc, sp,
	2680	+ sctp_apply_peer_addr_params(params, trans, asoc, sp,
2807	2681	hb_change, pmtud_change,
2808	2682	sackdelay_change);
2809	2683	}
..	..	@@ -2820,6 +2694,43 @@
2820	2694	static inline __u32 sctp_spp_sackdelay_disable(__u32 param_flags)
2821	2695	{
2822	2696	return (param_flags & ~SPP_SACKDELAY) \| SPP_SACKDELAY_DISABLE;
	2697	+}
	2698	+
	2699	+static void sctp_apply_asoc_delayed_ack(struct sctp_sack_info *params,
	2700	+ struct sctp_association *asoc)
	2701	+{
	2702	+ struct sctp_transport *trans;
	2703	+
	2704	+ if (params->sack_delay) {
	2705	+ asoc->sackdelay = msecs_to_jiffies(params->sack_delay);
	2706	+ asoc->param_flags =
	2707	+ sctp_spp_sackdelay_enable(asoc->param_flags);
	2708	+ }
	2709	+ if (params->sack_freq == 1) {
	2710	+ asoc->param_flags =
	2711	+ sctp_spp_sackdelay_disable(asoc->param_flags);
	2712	+ } else if (params->sack_freq > 1) {
	2713	+ asoc->sackfreq = params->sack_freq;
	2714	+ asoc->param_flags =
	2715	+ sctp_spp_sackdelay_enable(asoc->param_flags);
	2716	+ }
	2717	+
	2718	+ list_for_each_entry(trans, &asoc->peer.transport_addr_list,
	2719	+ transports) {
	2720	+ if (params->sack_delay) {
	2721	+ trans->sackdelay = msecs_to_jiffies(params->sack_delay);
	2722	+ trans->param_flags =
	2723	+ sctp_spp_sackdelay_enable(trans->param_flags);
	2724	+ }
	2725	+ if (params->sack_freq == 1) {
	2726	+ trans->param_flags =
	2727	+ sctp_spp_sackdelay_disable(trans->param_flags);
	2728	+ } else if (params->sack_freq > 1) {
	2729	+ trans->sackfreq = params->sack_freq;
	2730	+ trans->param_flags =
	2731	+ sctp_spp_sackdelay_enable(trans->param_flags);
	2732	+ }
	2733	+ }
2823	2734	}
2824	2735
2825	2736	/*
..	..	@@ -2857,104 +2768,84 @@
2857	2768	* timer to expire. The default value for this is 2, setting this
2858	2769	* value to 1 will disable the delayed sack algorithm.
2859	2770	*/
	2771	+static int __sctp_setsockopt_delayed_ack(struct sock *sk,
	2772	+ struct sctp_sack_info *params)
	2773	+{
	2774	+ struct sctp_sock *sp = sctp_sk(sk);
	2775	+ struct sctp_association *asoc;
	2776	+
	2777	+ /* Validate value parameter. */
	2778	+ if (params->sack_delay > 500)
	2779	+ return -EINVAL;
	2780	+
	2781	+ /* Get association, if sack_assoc_id != SCTP_FUTURE_ASSOC and the
	2782	+ * socket is a one to many style socket, and an association
	2783	+ * was not found, then the id was invalid.
	2784	+ */
	2785	+ asoc = sctp_id2assoc(sk, params->sack_assoc_id);
	2786	+ if (!asoc && params->sack_assoc_id > SCTP_ALL_ASSOC &&
	2787	+ sctp_style(sk, UDP))
	2788	+ return -EINVAL;
	2789	+
	2790	+ if (asoc) {
	2791	+ sctp_apply_asoc_delayed_ack(params, asoc);
	2792	+
	2793	+ return 0;
	2794	+ }
	2795	+
	2796	+ if (sctp_style(sk, TCP))
	2797	+ params->sack_assoc_id = SCTP_FUTURE_ASSOC;
	2798	+
	2799	+ if (params->sack_assoc_id == SCTP_FUTURE_ASSOC \|\|
	2800	+ params->sack_assoc_id == SCTP_ALL_ASSOC) {
	2801	+ if (params->sack_delay) {
	2802	+ sp->sackdelay = params->sack_delay;
	2803	+ sp->param_flags =
	2804	+ sctp_spp_sackdelay_enable(sp->param_flags);
	2805	+ }
	2806	+ if (params->sack_freq == 1) {
	2807	+ sp->param_flags =
	2808	+ sctp_spp_sackdelay_disable(sp->param_flags);
	2809	+ } else if (params->sack_freq > 1) {
	2810	+ sp->sackfreq = params->sack_freq;
	2811	+ sp->param_flags =
	2812	+ sctp_spp_sackdelay_enable(sp->param_flags);
	2813	+ }
	2814	+ }
	2815	+
	2816	+ if (params->sack_assoc_id == SCTP_CURRENT_ASSOC \|\|
	2817	+ params->sack_assoc_id == SCTP_ALL_ASSOC)
	2818	+ list_for_each_entry(asoc, &sp->ep->asocs, asocs)
	2819	+ sctp_apply_asoc_delayed_ack(params, asoc);
	2820	+
	2821	+ return 0;
	2822	+}
2860	2823
2861	2824	static int sctp_setsockopt_delayed_ack(struct sock *sk,
2862		- char __user *optval, unsigned int optlen)
	2825	+ struct sctp_sack_info *params,
	2826	+ unsigned int optlen)
2863	2827	{
2864		- struct sctp_sack_info params;
2865		- struct sctp_transport *trans = NULL;
2866		- struct sctp_association *asoc = NULL;
2867		- struct sctp_sock *sp = sctp_sk(sk);
	2828	+ if (optlen == sizeof(struct sctp_assoc_value)) {
	2829	+ struct sctp_assoc_value v = (struct sctp_assoc_value )params;
	2830	+ struct sctp_sack_info p;
2868	2831
2869		- if (optlen == sizeof(struct sctp_sack_info)) {
2870		- if (copy_from_user(&params, optval, optlen))
2871		- return -EFAULT;
2872		-
2873		- if (params.sack_delay == 0 && params.sack_freq == 0)
2874		- return 0;
2875		- } else if (optlen == sizeof(struct sctp_assoc_value)) {
2876	2832	pr_warn_ratelimited(DEPRECATED
2877	2833	"%s (pid %d) "
2878	2834	"Use of struct sctp_assoc_value in delayed_ack socket option.\n"
2879	2835	"Use struct sctp_sack_info instead\n",
2880	2836	current->comm, task_pid_nr(current));
2881		- if (copy_from_user(&params, optval, optlen))
2882		- return -EFAULT;
2883	2837
2884		- if (params.sack_delay == 0)
2885		- params.sack_freq = 1;
2886		- else
2887		- params.sack_freq = 0;
2888		- } else
2889		- return -EINVAL;
2890		-
2891		- /* Validate value parameter. */
2892		- if (params.sack_delay > 500)
2893		- return -EINVAL;
2894		-
2895		- /* Get association, if sack_assoc_id != 0 and the socket is a one
2896		- * to many style socket, and an association was not found, then
2897		- * the id was invalid.
2898		- */
2899		- asoc = sctp_id2assoc(sk, params.sack_assoc_id);
2900		- if (!asoc && params.sack_assoc_id && sctp_style(sk, UDP))
2901		- return -EINVAL;
2902		-
2903		- if (params.sack_delay) {
2904		- if (asoc) {
2905		- asoc->sackdelay =
2906		- msecs_to_jiffies(params.sack_delay);
2907		- asoc->param_flags =
2908		- sctp_spp_sackdelay_enable(asoc->param_flags);
2909		- } else {
2910		- sp->sackdelay = params.sack_delay;
2911		- sp->param_flags =
2912		- sctp_spp_sackdelay_enable(sp->param_flags);
2913		- }
	2838	+ p.sack_assoc_id = v->assoc_id;
	2839	+ p.sack_delay = v->assoc_value;
	2840	+ p.sack_freq = v->assoc_value ? 0 : 1;
	2841	+ return __sctp_setsockopt_delayed_ack(sk, &p);
2914	2842	}
2915	2843
2916		- if (params.sack_freq == 1) {
2917		- if (asoc) {
2918		- asoc->param_flags =
2919		- sctp_spp_sackdelay_disable(asoc->param_flags);
2920		- } else {
2921		- sp->param_flags =
2922		- sctp_spp_sackdelay_disable(sp->param_flags);
2923		- }
2924		- } else if (params.sack_freq > 1) {
2925		- if (asoc) {
2926		- asoc->sackfreq = params.sack_freq;
2927		- asoc->param_flags =
2928		- sctp_spp_sackdelay_enable(asoc->param_flags);
2929		- } else {
2930		- sp->sackfreq = params.sack_freq;
2931		- sp->param_flags =
2932		- sctp_spp_sackdelay_enable(sp->param_flags);
2933		- }
2934		- }
2935		-
2936		- /* If change is for association, also apply to each transport. */
2937		- if (asoc) {
2938		- list_for_each_entry(trans, &asoc->peer.transport_addr_list,
2939		- transports) {
2940		- if (params.sack_delay) {
2941		- trans->sackdelay =
2942		- msecs_to_jiffies(params.sack_delay);
2943		- trans->param_flags =
2944		- sctp_spp_sackdelay_enable(trans->param_flags);
2945		- }
2946		- if (params.sack_freq == 1) {
2947		- trans->param_flags =
2948		- sctp_spp_sackdelay_disable(trans->param_flags);
2949		- } else if (params.sack_freq > 1) {
2950		- trans->sackfreq = params.sack_freq;
2951		- trans->param_flags =
2952		- sctp_spp_sackdelay_enable(trans->param_flags);
2953		- }
2954		- }
2955		- }
2956		-
2957		- return 0;
	2844	+ if (optlen != sizeof(struct sctp_sack_info))
	2845	+ return -EINVAL;
	2846	+ if (params->sack_delay == 0 && params->sack_freq == 0)
	2847	+ return 0;
	2848	+ return __sctp_setsockopt_delayed_ack(sk, params);
2958	2849	}
2959	2850
2960	2851	/* 7.1.3 Initialization Parameters (SCTP_INITMSG)
..	..	@@ -2968,24 +2859,22 @@
2968	2859	* by the change). With TCP-style sockets, this option is inherited by
2969	2860	* sockets derived from a listener socket.
2970	2861	*/
2971		-static int sctp_setsockopt_initmsg(struct sock sk, char __user optval, unsigned int optlen)
	2862	+static int sctp_setsockopt_initmsg(struct sock sk, struct sctp_initmsg sinit,
	2863	+ unsigned int optlen)
2972	2864	{
2973		- struct sctp_initmsg sinit;
2974	2865	struct sctp_sock *sp = sctp_sk(sk);
2975	2866
2976	2867	if (optlen != sizeof(struct sctp_initmsg))
2977	2868	return -EINVAL;
2978		- if (copy_from_user(&sinit, optval, optlen))
2979		- return -EFAULT;
2980	2869
2981		- if (sinit.sinit_num_ostreams)
2982		- sp->initmsg.sinit_num_ostreams = sinit.sinit_num_ostreams;
2983		- if (sinit.sinit_max_instreams)
2984		- sp->initmsg.sinit_max_instreams = sinit.sinit_max_instreams;
2985		- if (sinit.sinit_max_attempts)
2986		- sp->initmsg.sinit_max_attempts = sinit.sinit_max_attempts;
2987		- if (sinit.sinit_max_init_timeo)
2988		- sp->initmsg.sinit_max_init_timeo = sinit.sinit_max_init_timeo;
	2870	+ if (sinit->sinit_num_ostreams)
	2871	+ sp->initmsg.sinit_num_ostreams = sinit->sinit_num_ostreams;
	2872	+ if (sinit->sinit_max_instreams)
	2873	+ sp->initmsg.sinit_max_instreams = sinit->sinit_max_instreams;
	2874	+ if (sinit->sinit_max_attempts)
	2875	+ sp->initmsg.sinit_max_attempts = sinit->sinit_max_attempts;
	2876	+ if (sinit->sinit_max_init_timeo)
	2877	+ sp->initmsg.sinit_max_init_timeo = sinit->sinit_max_init_timeo;
2989	2878
2990	2879	return 0;
2991	2880	}
..	..	@@ -3005,37 +2894,55 @@
3005	2894	* to this call if the caller is using the UDP model.
3006	2895	*/
3007	2896	static int sctp_setsockopt_default_send_param(struct sock *sk,
3008		- char __user *optval,
	2897	+ struct sctp_sndrcvinfo *info,
3009	2898	unsigned int optlen)
3010	2899	{
3011	2900	struct sctp_sock *sp = sctp_sk(sk);
3012	2901	struct sctp_association *asoc;
3013		- struct sctp_sndrcvinfo info;
3014	2902
3015		- if (optlen != sizeof(info))
	2903	+ if (optlen != sizeof(*info))
3016	2904	return -EINVAL;
3017		- if (copy_from_user(&info, optval, optlen))
3018		- return -EFAULT;
3019		- if (info.sinfo_flags &
	2905	+ if (info->sinfo_flags &
3020	2906	~(SCTP_UNORDERED \| SCTP_ADDR_OVER \|
3021	2907	SCTP_ABORT \| SCTP_EOF))
3022	2908	return -EINVAL;
3023	2909
3024		- asoc = sctp_id2assoc(sk, info.sinfo_assoc_id);
3025		- if (!asoc && info.sinfo_assoc_id && sctp_style(sk, UDP))
	2910	+ asoc = sctp_id2assoc(sk, info->sinfo_assoc_id);
	2911	+ if (!asoc && info->sinfo_assoc_id > SCTP_ALL_ASSOC &&
	2912	+ sctp_style(sk, UDP))
3026	2913	return -EINVAL;
	2914	+
3027	2915	if (asoc) {
3028		- asoc->default_stream = info.sinfo_stream;
3029		- asoc->default_flags = info.sinfo_flags;
3030		- asoc->default_ppid = info.sinfo_ppid;
3031		- asoc->default_context = info.sinfo_context;
3032		- asoc->default_timetolive = info.sinfo_timetolive;
3033		- } else {
3034		- sp->default_stream = info.sinfo_stream;
3035		- sp->default_flags = info.sinfo_flags;
3036		- sp->default_ppid = info.sinfo_ppid;
3037		- sp->default_context = info.sinfo_context;
3038		- sp->default_timetolive = info.sinfo_timetolive;
	2916	+ asoc->default_stream = info->sinfo_stream;
	2917	+ asoc->default_flags = info->sinfo_flags;
	2918	+ asoc->default_ppid = info->sinfo_ppid;
	2919	+ asoc->default_context = info->sinfo_context;
	2920	+ asoc->default_timetolive = info->sinfo_timetolive;
	2921	+
	2922	+ return 0;
	2923	+ }
	2924	+
	2925	+ if (sctp_style(sk, TCP))
	2926	+ info->sinfo_assoc_id = SCTP_FUTURE_ASSOC;
	2927	+
	2928	+ if (info->sinfo_assoc_id == SCTP_FUTURE_ASSOC \|\|
	2929	+ info->sinfo_assoc_id == SCTP_ALL_ASSOC) {
	2930	+ sp->default_stream = info->sinfo_stream;
	2931	+ sp->default_flags = info->sinfo_flags;
	2932	+ sp->default_ppid = info->sinfo_ppid;
	2933	+ sp->default_context = info->sinfo_context;
	2934	+ sp->default_timetolive = info->sinfo_timetolive;
	2935	+ }
	2936	+
	2937	+ if (info->sinfo_assoc_id == SCTP_CURRENT_ASSOC \|\|
	2938	+ info->sinfo_assoc_id == SCTP_ALL_ASSOC) {
	2939	+ list_for_each_entry(asoc, &sp->ep->asocs, asocs) {
	2940	+ asoc->default_stream = info->sinfo_stream;
	2941	+ asoc->default_flags = info->sinfo_flags;
	2942	+ asoc->default_ppid = info->sinfo_ppid;
	2943	+ asoc->default_context = info->sinfo_context;
	2944	+ asoc->default_timetolive = info->sinfo_timetolive;
	2945	+ }
3039	2946	}
3040	2947
3041	2948	return 0;
..	..	@@ -3045,35 +2952,52 @@
3045	2952	* (SCTP_DEFAULT_SNDINFO)
3046	2953	*/
3047	2954	static int sctp_setsockopt_default_sndinfo(struct sock *sk,
3048		- char __user *optval,
	2955	+ struct sctp_sndinfo *info,
3049	2956	unsigned int optlen)
3050	2957	{
3051	2958	struct sctp_sock *sp = sctp_sk(sk);
3052	2959	struct sctp_association *asoc;
3053		- struct sctp_sndinfo info;
3054	2960
3055		- if (optlen != sizeof(info))
	2961	+ if (optlen != sizeof(*info))
3056	2962	return -EINVAL;
3057		- if (copy_from_user(&info, optval, optlen))
3058		- return -EFAULT;
3059		- if (info.snd_flags &
	2963	+ if (info->snd_flags &
3060	2964	~(SCTP_UNORDERED \| SCTP_ADDR_OVER \|
3061	2965	SCTP_ABORT \| SCTP_EOF))
3062	2966	return -EINVAL;
3063	2967
3064		- asoc = sctp_id2assoc(sk, info.snd_assoc_id);
3065		- if (!asoc && info.snd_assoc_id && sctp_style(sk, UDP))
	2968	+ asoc = sctp_id2assoc(sk, info->snd_assoc_id);
	2969	+ if (!asoc && info->snd_assoc_id > SCTP_ALL_ASSOC &&
	2970	+ sctp_style(sk, UDP))
3066	2971	return -EINVAL;
	2972	+
3067	2973	if (asoc) {
3068		- asoc->default_stream = info.snd_sid;
3069		- asoc->default_flags = info.snd_flags;
3070		- asoc->default_ppid = info.snd_ppid;
3071		- asoc->default_context = info.snd_context;
3072		- } else {
3073		- sp->default_stream = info.snd_sid;
3074		- sp->default_flags = info.snd_flags;
3075		- sp->default_ppid = info.snd_ppid;
3076		- sp->default_context = info.snd_context;
	2974	+ asoc->default_stream = info->snd_sid;
	2975	+ asoc->default_flags = info->snd_flags;
	2976	+ asoc->default_ppid = info->snd_ppid;
	2977	+ asoc->default_context = info->snd_context;
	2978	+
	2979	+ return 0;
	2980	+ }
	2981	+
	2982	+ if (sctp_style(sk, TCP))
	2983	+ info->snd_assoc_id = SCTP_FUTURE_ASSOC;
	2984	+
	2985	+ if (info->snd_assoc_id == SCTP_FUTURE_ASSOC \|\|
	2986	+ info->snd_assoc_id == SCTP_ALL_ASSOC) {
	2987	+ sp->default_stream = info->snd_sid;
	2988	+ sp->default_flags = info->snd_flags;
	2989	+ sp->default_ppid = info->snd_ppid;
	2990	+ sp->default_context = info->snd_context;
	2991	+ }
	2992	+
	2993	+ if (info->snd_assoc_id == SCTP_CURRENT_ASSOC \|\|
	2994	+ info->snd_assoc_id == SCTP_ALL_ASSOC) {
	2995	+ list_for_each_entry(asoc, &sp->ep->asocs, asocs) {
	2996	+ asoc->default_stream = info->snd_sid;
	2997	+ asoc->default_flags = info->snd_flags;
	2998	+ asoc->default_ppid = info->snd_ppid;
	2999	+ asoc->default_context = info->snd_context;
	3000	+ }
3077	3001	}
3078	3002
3079	3003	return 0;
..	..	@@ -3085,10 +3009,9 @@
3085	3009	* the association primary. The enclosed address must be one of the
3086	3010	* association peer's addresses.
3087	3011	*/
3088		-static int sctp_setsockopt_primary_addr(struct sock sk, char __user optval,
	3012	+static int sctp_setsockopt_primary_addr(struct sock sk, struct sctp_prim prim,
3089	3013	unsigned int optlen)
3090	3014	{
3091		- struct sctp_prim prim;
3092	3015	struct sctp_transport *trans;
3093	3016	struct sctp_af *af;
3094	3017	int err;
..	..	@@ -3096,21 +3019,18 @@
3096	3019	if (optlen != sizeof(struct sctp_prim))
3097	3020	return -EINVAL;
3098	3021
3099		- if (copy_from_user(&prim, optval, sizeof(struct sctp_prim)))
3100		- return -EFAULT;
3101		-
3102	3022	/* Allow security module to validate address but need address len. */
3103		- af = sctp_get_af_specific(prim.ssp_addr.ss_family);
	3023	+ af = sctp_get_af_specific(prim->ssp_addr.ss_family);
3104	3024	if (!af)
3105	3025	return -EINVAL;
3106	3026
3107	3027	err = security_sctp_bind_connect(sk, SCTP_PRIMARY_ADDR,
3108		- (struct sockaddr *)&prim.ssp_addr,
	3028	+ (struct sockaddr *)&prim->ssp_addr,
3109	3029	af->sockaddr_len);
3110	3030	if (err)
3111	3031	return err;
3112	3032
3113		- trans = sctp_addr_id2transport(sk, &prim.ssp_addr, prim.ssp_assoc_id);
	3033	+ trans = sctp_addr_id2transport(sk, &prim->ssp_addr, prim->ssp_assoc_id);
3114	3034	if (!trans)
3115	3035	return -EINVAL;
3116	3036
..	..	@@ -3127,17 +3047,12 @@
3127	3047	* introduced, at the cost of more packets in the network. Expects an
3128	3048	* integer boolean flag.
3129	3049	*/
3130		-static int sctp_setsockopt_nodelay(struct sock sk, char __user optval,
	3050	+static int sctp_setsockopt_nodelay(struct sock sk, int val,
3131	3051	unsigned int optlen)
3132	3052	{
3133		- int val;
3134		-
3135	3053	if (optlen < sizeof(int))
3136	3054	return -EINVAL;
3137		- if (get_user(val, (int __user *)optval))
3138		- return -EFAULT;
3139		-
3140		- sctp_sk(sk)->nodelay = (val == 0) ? 0 : 1;
	3055	+ sctp_sk(sk)->nodelay = (*val == 0) ? 0 : 1;
3141	3056	return 0;
3142	3057	}
3143	3058
..	..	@@ -3153,9 +3068,10 @@
3153	3068	* be changed.
3154	3069	*
3155	3070	*/
3156		-static int sctp_setsockopt_rtoinfo(struct sock sk, char __user optval, unsigned int optlen)
	3071	+static int sctp_setsockopt_rtoinfo(struct sock *sk,
	3072	+ struct sctp_rtoinfo *rtoinfo,
	3073	+ unsigned int optlen)
3157	3074	{
3158		- struct sctp_rtoinfo rtoinfo;
3159	3075	struct sctp_association *asoc;
3160	3076	unsigned long rto_min, rto_max;
3161	3077	struct sctp_sock *sp = sctp_sk(sk);
..	..	@@ -3163,17 +3079,15 @@
3163	3079	if (optlen != sizeof (struct sctp_rtoinfo))
3164	3080	return -EINVAL;
3165	3081
3166		- if (copy_from_user(&rtoinfo, optval, optlen))
3167		- return -EFAULT;
3168		-
3169		- asoc = sctp_id2assoc(sk, rtoinfo.srto_assoc_id);
	3082	+ asoc = sctp_id2assoc(sk, rtoinfo->srto_assoc_id);
3170	3083
3171	3084	/* Set the values to the specific association */
3172		- if (!asoc && rtoinfo.srto_assoc_id && sctp_style(sk, UDP))
	3085	+ if (!asoc && rtoinfo->srto_assoc_id != SCTP_FUTURE_ASSOC &&
	3086	+ sctp_style(sk, UDP))
3173	3087	return -EINVAL;
3174	3088
3175		- rto_max = rtoinfo.srto_max;
3176		- rto_min = rtoinfo.srto_min;
	3089	+ rto_max = rtoinfo->srto_max;
	3090	+ rto_min = rtoinfo->srto_min;
3177	3091
3178	3092	if (rto_max)
3179	3093	rto_max = asoc ? msecs_to_jiffies(rto_max) : rto_max;
..	..	@@ -3189,17 +3103,17 @@
3189	3103	return -EINVAL;
3190	3104
3191	3105	if (asoc) {
3192		- if (rtoinfo.srto_initial != 0)
	3106	+ if (rtoinfo->srto_initial != 0)
3193	3107	asoc->rto_initial =
3194		- msecs_to_jiffies(rtoinfo.srto_initial);
	3108	+ msecs_to_jiffies(rtoinfo->srto_initial);
3195	3109	asoc->rto_max = rto_max;
3196	3110	asoc->rto_min = rto_min;
3197	3111	} else {
3198	3112	/* If there is no association or the association-id = 0
3199	3113	* set the values to the endpoint.
3200	3114	*/
3201		- if (rtoinfo.srto_initial != 0)
3202		- sp->rtoinfo.srto_initial = rtoinfo.srto_initial;
	3115	+ if (rtoinfo->srto_initial != 0)
	3116	+ sp->rtoinfo.srto_initial = rtoinfo->srto_initial;
3203	3117	sp->rtoinfo.srto_max = rto_max;
3204	3118	sp->rtoinfo.srto_min = rto_min;
3205	3119	}
..	..	@@ -3218,25 +3132,25 @@
3218	3132	* See [SCTP] for more information.
3219	3133	*
3220	3134	*/
3221		-static int sctp_setsockopt_associnfo(struct sock sk, char __user optval, unsigned int optlen)
	3135	+static int sctp_setsockopt_associnfo(struct sock *sk,
	3136	+ struct sctp_assocparams *assocparams,
	3137	+ unsigned int optlen)
3222	3138	{
3223	3139
3224		- struct sctp_assocparams assocparams;
3225	3140	struct sctp_association *asoc;
3226	3141
3227	3142	if (optlen != sizeof(struct sctp_assocparams))
3228	3143	return -EINVAL;
3229		- if (copy_from_user(&assocparams, optval, optlen))
3230		- return -EFAULT;
3231	3144
3232		- asoc = sctp_id2assoc(sk, assocparams.sasoc_assoc_id);
	3145	+ asoc = sctp_id2assoc(sk, assocparams->sasoc_assoc_id);
3233	3146
3234		- if (!asoc && assocparams.sasoc_assoc_id && sctp_style(sk, UDP))
	3147	+ if (!asoc && assocparams->sasoc_assoc_id != SCTP_FUTURE_ASSOC &&
	3148	+ sctp_style(sk, UDP))
3235	3149	return -EINVAL;
3236	3150
3237	3151	/* Set the values to the specific association */
3238	3152	if (asoc) {
3239		- if (assocparams.sasoc_asocmaxrxt != 0) {
	3153	+ if (assocparams->sasoc_asocmaxrxt != 0) {
3240	3154	__u32 path_sum = 0;
3241	3155	int paths = 0;
3242	3156	struct sctp_transport *peer_addr;
..	..	@@ -3253,24 +3167,25 @@
3253	3167	* then one path.
3254	3168	*/
3255	3169	if (paths > 1 &&
3256		- assocparams.sasoc_asocmaxrxt > path_sum)
	3170	+ assocparams->sasoc_asocmaxrxt > path_sum)
3257	3171	return -EINVAL;
3258	3172
3259		- asoc->max_retrans = assocparams.sasoc_asocmaxrxt;
	3173	+ asoc->max_retrans = assocparams->sasoc_asocmaxrxt;
3260	3174	}
3261	3175
3262		- if (assocparams.sasoc_cookie_life != 0)
3263		- asoc->cookie_life = ms_to_ktime(assocparams.sasoc_cookie_life);
	3176	+ if (assocparams->sasoc_cookie_life != 0)
	3177	+ asoc->cookie_life =
	3178	+ ms_to_ktime(assocparams->sasoc_cookie_life);
3264	3179	} else {
3265	3180	/* Set the values to the endpoint */
3266	3181	struct sctp_sock *sp = sctp_sk(sk);
3267	3182
3268		- if (assocparams.sasoc_asocmaxrxt != 0)
	3183	+ if (assocparams->sasoc_asocmaxrxt != 0)
3269	3184	sp->assocparams.sasoc_asocmaxrxt =
3270		- assocparams.sasoc_asocmaxrxt;
3271		- if (assocparams.sasoc_cookie_life != 0)
	3185	+ assocparams->sasoc_asocmaxrxt;
	3186	+ if (assocparams->sasoc_cookie_life != 0)
3272	3187	sp->assocparams.sasoc_cookie_life =
3273		- assocparams.sasoc_cookie_life;
	3188	+ assocparams->sasoc_cookie_life;
3274	3189	}
3275	3190	return 0;
3276	3191	}
..	..	@@ -3285,16 +3200,14 @@
3285	3200	* addresses and a user will receive both PF_INET6 and PF_INET type
3286	3201	* addresses on the socket.
3287	3202	*/
3288		-static int sctp_setsockopt_mappedv4(struct sock sk, char __user optval, unsigned int optlen)
	3203	+static int sctp_setsockopt_mappedv4(struct sock sk, int val,
	3204	+ unsigned int optlen)
3289	3205	{
3290		- int val;
3291	3206	struct sctp_sock *sp = sctp_sk(sk);
3292	3207
3293	3208	if (optlen < sizeof(int))
3294	3209	return -EINVAL;
3295		- if (get_user(val, (int __user *)optval))
3296		- return -EFAULT;
3297		- if (val)
	3210	+ if (*val)
3298	3211	sp->v4mapped = 1;
3299	3212	else
3300	3213	sp->v4mapped = 0;
..	..	@@ -3329,11 +3242,13 @@
3329	3242	* changed (effecting future associations only).
3330	3243	* assoc_value: This parameter specifies the maximum size in bytes.
3331	3244	*/
3332		-static int sctp_setsockopt_maxseg(struct sock sk, char __user optval, unsigned int optlen)
	3245	+static int sctp_setsockopt_maxseg(struct sock *sk,
	3246	+ struct sctp_assoc_value *params,
	3247	+ unsigned int optlen)
3333	3248	{
3334	3249	struct sctp_sock *sp = sctp_sk(sk);
3335		- struct sctp_assoc_value params;
3336	3250	struct sctp_association *asoc;
	3251	+ sctp_assoc_t assoc_id;
3337	3252	int val;
3338	3253
3339	3254	if (optlen == sizeof(int)) {
..	..	@@ -3342,18 +3257,19 @@
3342	3257	"Use of int in maxseg socket option.\n"
3343	3258	"Use struct sctp_assoc_value instead\n",
3344	3259	current->comm, task_pid_nr(current));
3345		- if (copy_from_user(&val, optval, optlen))
3346		- return -EFAULT;
3347		- params.assoc_id = 0;
	3260	+ assoc_id = SCTP_FUTURE_ASSOC;
	3261	+ val = (int )params;
3348	3262	} else if (optlen == sizeof(struct sctp_assoc_value)) {
3349		- if (copy_from_user(&params, optval, optlen))
3350		- return -EFAULT;
3351		- val = params.assoc_value;
	3263	+ assoc_id = params->assoc_id;
	3264	+ val = params->assoc_value;
3352	3265	} else {
3353	3266	return -EINVAL;
3354	3267	}
3355	3268
3356		- asoc = sctp_id2assoc(sk, params.assoc_id);
	3269	+ asoc = sctp_id2assoc(sk, assoc_id);
	3270	+ if (!asoc && assoc_id != SCTP_FUTURE_ASSOC &&
	3271	+ sctp_style(sk, UDP))
	3272	+ return -EINVAL;
3357	3273
3358	3274	if (val) {
3359	3275	int min_len, max_len;
..	..	@@ -3371,8 +3287,6 @@
3371	3287	asoc->user_frag = val;
3372	3288	sctp_assoc_update_frag_point(asoc);
3373	3289	} else {
3374		- if (params.assoc_id && sctp_style(sk, UDP))
3375		- return -EINVAL;
3376	3290	sp->user_frag = val;
3377	3291	}
3378	3292
..	..	@@ -3388,29 +3302,25 @@
3388	3302	* locally bound addresses. The following structure is used to make a
3389	3303	* set primary request:
3390	3304	*/
3391		-static int sctp_setsockopt_peer_primary_addr(struct sock sk, char __user optval,
	3305	+static int sctp_setsockopt_peer_primary_addr(struct sock *sk,
	3306	+ struct sctp_setpeerprim *prim,
3392	3307	unsigned int optlen)
3393	3308	{
3394		- struct net *net = sock_net(sk);
3395	3309	struct sctp_sock *sp;
3396	3310	struct sctp_association *asoc = NULL;
3397		- struct sctp_setpeerprim prim;
3398	3311	struct sctp_chunk *chunk;
3399	3312	struct sctp_af *af;
3400	3313	int err;
3401	3314
3402	3315	sp = sctp_sk(sk);
3403	3316
3404		- if (!net->sctp.addip_enable)
	3317	+ if (!sp->ep->asconf_enable)
3405	3318	return -EPERM;
3406	3319
3407	3320	if (optlen != sizeof(struct sctp_setpeerprim))
3408	3321	return -EINVAL;
3409	3322
3410		- if (copy_from_user(&prim, optval, optlen))
3411		- return -EFAULT;
3412		-
3413		- asoc = sctp_id2assoc(sk, prim.sspp_assoc_id);
	3323	+ asoc = sctp_id2assoc(sk, prim->sspp_assoc_id);
3414	3324	if (!asoc)
3415	3325	return -EINVAL;
3416	3326
..	..	@@ -3423,26 +3333,26 @@
3423	3333	if (!sctp_state(asoc, ESTABLISHED))
3424	3334	return -ENOTCONN;
3425	3335
3426		- af = sctp_get_af_specific(prim.sspp_addr.ss_family);
	3336	+ af = sctp_get_af_specific(prim->sspp_addr.ss_family);
3427	3337	if (!af)
3428	3338	return -EINVAL;
3429	3339
3430		- if (!af->addr_valid((union sctp_addr *)&prim.sspp_addr, sp, NULL))
	3340	+ if (!af->addr_valid((union sctp_addr *)&prim->sspp_addr, sp, NULL))
3431	3341	return -EADDRNOTAVAIL;
3432	3342
3433		- if (!sctp_assoc_lookup_laddr(asoc, (union sctp_addr *)&prim.sspp_addr))
	3343	+ if (!sctp_assoc_lookup_laddr(asoc, (union sctp_addr *)&prim->sspp_addr))
3434	3344	return -EADDRNOTAVAIL;
3435	3345
3436	3346	/* Allow security module to validate address. */
3437	3347	err = security_sctp_bind_connect(sk, SCTP_SET_PEER_PRIMARY_ADDR,
3438		- (struct sockaddr *)&prim.sspp_addr,
	3348	+ (struct sockaddr *)&prim->sspp_addr,
3439	3349	af->sockaddr_len);
3440	3350	if (err)
3441	3351	return err;
3442	3352
3443	3353	/* Create an ASCONF chunk with SET_PRIMARY parameter */
3444	3354	chunk = sctp_make_asconf_set_prim(asoc,
3445		- (union sctp_addr *)&prim.sspp_addr);
	3355	+ (union sctp_addr *)&prim->sspp_addr);
3446	3356	if (!chunk)
3447	3357	return -ENOMEM;
3448	3358
..	..	@@ -3453,17 +3363,14 @@
3453	3363	return err;
3454	3364	}
3455	3365
3456		-static int sctp_setsockopt_adaptation_layer(struct sock sk, char __user optval,
	3366	+static int sctp_setsockopt_adaptation_layer(struct sock *sk,
	3367	+ struct sctp_setadaptation *adapt,
3457	3368	unsigned int optlen)
3458	3369	{
3459		- struct sctp_setadaptation adaptation;
3460		-
3461	3370	if (optlen != sizeof(struct sctp_setadaptation))
3462	3371	return -EINVAL;
3463		- if (copy_from_user(&adaptation, optval, optlen))
3464		- return -EFAULT;
3465	3372
3466		- sctp_sk(sk)->adaptation_ind = adaptation.ssb_adaptation_ind;
	3373	+ sctp_sk(sk)->adaptation_ind = adapt->ssb_adaptation_ind;
3467	3374
3468	3375	return 0;
3469	3376	}
..	..	@@ -3482,28 +3389,38 @@
3482	3389	* received messages from the peer and does not effect the value that is
3483	3390	* saved with outbound messages.
3484	3391	*/
3485		-static int sctp_setsockopt_context(struct sock sk, char __user optval,
	3392	+static int sctp_setsockopt_context(struct sock *sk,
	3393	+ struct sctp_assoc_value *params,
3486	3394	unsigned int optlen)
3487	3395	{
3488		- struct sctp_assoc_value params;
3489		- struct sctp_sock *sp;
	3396	+ struct sctp_sock *sp = sctp_sk(sk);
3490	3397	struct sctp_association *asoc;
3491	3398
3492	3399	if (optlen != sizeof(struct sctp_assoc_value))
3493	3400	return -EINVAL;
3494		- if (copy_from_user(&params, optval, optlen))
3495		- return -EFAULT;
3496	3401
3497		- sp = sctp_sk(sk);
	3402	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	3403	+ if (!asoc && params->assoc_id > SCTP_ALL_ASSOC &&
	3404	+ sctp_style(sk, UDP))
	3405	+ return -EINVAL;
3498	3406
3499		- if (params.assoc_id != 0) {
3500		- asoc = sctp_id2assoc(sk, params.assoc_id);
3501		- if (!asoc)
3502		- return -EINVAL;
3503		- asoc->default_rcv_context = params.assoc_value;
3504		- } else {
3505		- sp->default_rcv_context = params.assoc_value;
	3407	+ if (asoc) {
	3408	+ asoc->default_rcv_context = params->assoc_value;
	3409	+
	3410	+ return 0;
3506	3411	}
	3412	+
	3413	+ if (sctp_style(sk, TCP))
	3414	+ params->assoc_id = SCTP_FUTURE_ASSOC;
	3415	+
	3416	+ if (params->assoc_id == SCTP_FUTURE_ASSOC \|\|
	3417	+ params->assoc_id == SCTP_ALL_ASSOC)
	3418	+ sp->default_rcv_context = params->assoc_value;
	3419	+
	3420	+ if (params->assoc_id == SCTP_CURRENT_ASSOC \|\|
	3421	+ params->assoc_id == SCTP_ALL_ASSOC)
	3422	+ list_for_each_entry(asoc, &sp->ep->asocs, asocs)
	3423	+ asoc->default_rcv_context = params->assoc_value;
3507	3424
3508	3425	return 0;
3509	3426	}
..	..	@@ -3532,21 +3449,16 @@
3532	3449	* application using the one to many model may become confused and act
3533	3450	* incorrectly.
3534	3451	*/
3535		-static int sctp_setsockopt_fragment_interleave(struct sock *sk,
3536		- char __user *optval,
	3452	+static int sctp_setsockopt_fragment_interleave(struct sock sk, int val,
3537	3453	unsigned int optlen)
3538	3454	{
3539		- int val;
3540		-
3541	3455	if (optlen != sizeof(int))
3542	3456	return -EINVAL;
3543		- if (get_user(val, (int __user *)optval))
3544		- return -EFAULT;
3545	3457
3546		- sctp_sk(sk)->frag_interleave = !!val;
	3458	+ sctp_sk(sk)->frag_interleave = !!*val;
3547	3459
3548	3460	if (!sctp_sk(sk)->frag_interleave)
3549		- sctp_sk(sk)->strm_interleave = 0;
	3461	+ sctp_sk(sk)->ep->intl_enable = 0;
3550	3462
3551	3463	return 0;
3552	3464	}
..	..	@@ -3568,24 +3480,19 @@
3568	3480	* call as long as the user provided buffer is large enough to hold the
3569	3481	* message.
3570	3482	*/
3571		-static int sctp_setsockopt_partial_delivery_point(struct sock *sk,
3572		- char __user *optval,
	3483	+static int sctp_setsockopt_partial_delivery_point(struct sock sk, u32 val,
3573	3484	unsigned int optlen)
3574	3485	{
3575		- u32 val;
3576		-
3577	3486	if (optlen != sizeof(u32))
3578	3487	return -EINVAL;
3579		- if (get_user(val, (int __user *)optval))
3580		- return -EFAULT;
3581	3488
3582	3489	/* Note: We double the receive buffer from what the user sets
3583	3490	* it to be, also initial rwnd is based on rcvbuf/2.
3584	3491	*/
3585		- if (val > (sk->sk_rcvbuf >> 1))
	3492	+ if (*val > (sk->sk_rcvbuf >> 1))
3586	3493	return -EINVAL;
3587	3494
3588		- sctp_sk(sk)->pd_point = val;
	3495	+ sctp_sk(sk)->pd_point = *val;
3589	3496
3590	3497	return 0; /* is this the right error code? */
3591	3498	}
..	..	@@ -3602,14 +3509,13 @@
3602	3509	* future associations inheriting the socket value.
3603	3510	*/
3604	3511	static int sctp_setsockopt_maxburst(struct sock *sk,
3605		- char __user *optval,
	3512	+ struct sctp_assoc_value *params,
3606	3513	unsigned int optlen)
3607	3514	{
3608		- struct sctp_assoc_value params;
3609		- struct sctp_sock *sp;
	3515	+ struct sctp_sock *sp = sctp_sk(sk);
3610	3516	struct sctp_association *asoc;
3611		- int val;
3612		- int assoc_id = 0;
	3517	+ sctp_assoc_t assoc_id;
	3518	+ u32 assoc_value;
3613	3519
3614	3520	if (optlen == sizeof(int)) {
3615	3521	pr_warn_ratelimited(DEPRECATED
..	..	@@ -3617,25 +3523,33 @@
3617	3523	"Use of int in max_burst socket option deprecated.\n"
3618	3524	"Use struct sctp_assoc_value instead\n",
3619	3525	current->comm, task_pid_nr(current));
3620		- if (copy_from_user(&val, optval, optlen))
3621		- return -EFAULT;
	3526	+ assoc_id = SCTP_FUTURE_ASSOC;
	3527	+ assoc_value = ((int )params);
3622	3528	} else if (optlen == sizeof(struct sctp_assoc_value)) {
3623		- if (copy_from_user(&params, optval, optlen))
3624		- return -EFAULT;
3625		- val = params.assoc_value;
3626		- assoc_id = params.assoc_id;
	3529	+ assoc_id = params->assoc_id;
	3530	+ assoc_value = params->assoc_value;
3627	3531	} else
3628	3532	return -EINVAL;
3629	3533
3630		- sp = sctp_sk(sk);
	3534	+ asoc = sctp_id2assoc(sk, assoc_id);
	3535	+ if (!asoc && assoc_id > SCTP_ALL_ASSOC && sctp_style(sk, UDP))
	3536	+ return -EINVAL;
3631	3537
3632		- if (assoc_id != 0) {
3633		- asoc = sctp_id2assoc(sk, assoc_id);
3634		- if (!asoc)
3635		- return -EINVAL;
3636		- asoc->max_burst = val;
3637		- } else
3638		- sp->max_burst = val;
	3538	+ if (asoc) {
	3539	+ asoc->max_burst = assoc_value;
	3540	+
	3541	+ return 0;
	3542	+ }
	3543	+
	3544	+ if (sctp_style(sk, TCP))
	3545	+ assoc_id = SCTP_FUTURE_ASSOC;
	3546	+
	3547	+ if (assoc_id == SCTP_FUTURE_ASSOC \|\| assoc_id == SCTP_ALL_ASSOC)
	3548	+ sp->max_burst = assoc_value;
	3549	+
	3550	+ if (assoc_id == SCTP_CURRENT_ASSOC \|\| assoc_id == SCTP_ALL_ASSOC)
	3551	+ list_for_each_entry(asoc, &sp->ep->asocs, asocs)
	3552	+ asoc->max_burst = assoc_value;
3639	3553
3640	3554	return 0;
3641	3555	}
..	..	@@ -3648,21 +3562,18 @@
3648	3562	* will only effect future associations on the socket.
3649	3563	*/
3650	3564	static int sctp_setsockopt_auth_chunk(struct sock *sk,
3651		- char __user *optval,
	3565	+ struct sctp_authchunk *val,
3652	3566	unsigned int optlen)
3653	3567	{
3654	3568	struct sctp_endpoint *ep = sctp_sk(sk)->ep;
3655		- struct sctp_authchunk val;
3656	3569
3657	3570	if (!ep->auth_enable)
3658	3571	return -EACCES;
3659	3572
3660	3573	if (optlen != sizeof(struct sctp_authchunk))
3661	3574	return -EINVAL;
3662		- if (copy_from_user(&val, optval, optlen))
3663		- return -EFAULT;
3664	3575
3665		- switch (val.sauth_chunk) {
	3576	+ switch (val->sauth_chunk) {
3666	3577	case SCTP_CID_INIT:
3667	3578	case SCTP_CID_INIT_ACK:
3668	3579	case SCTP_CID_SHUTDOWN_COMPLETE:
..	..	@@ -3671,7 +3582,7 @@
3671	3582	}
3672	3583
3673	3584	/* add this chunk id to the endpoint */
3674		- return sctp_auth_ep_add_chunkid(ep, val.sauth_chunk);
	3585	+ return sctp_auth_ep_add_chunkid(ep, val->sauth_chunk);
3675	3586	}
3676	3587
3677	3588	/*
..	..	@@ -3681,13 +3592,11 @@
3681	3592	* endpoint requires the peer to use.
3682	3593	*/
3683	3594	static int sctp_setsockopt_hmac_ident(struct sock *sk,
3684		- char __user *optval,
	3595	+ struct sctp_hmacalgo *hmacs,
3685	3596	unsigned int optlen)
3686	3597	{
3687	3598	struct sctp_endpoint *ep = sctp_sk(sk)->ep;
3688		- struct sctp_hmacalgo *hmacs;
3689	3599	u32 idents;
3690		- int err;
3691	3600
3692	3601	if (!ep->auth_enable)
3693	3602	return -EACCES;
..	..	@@ -3697,21 +3606,12 @@
3697	3606	optlen = min_t(unsigned int, optlen, sizeof(struct sctp_hmacalgo) +
3698	3607	SCTP_AUTH_NUM_HMACS * sizeof(u16));
3699	3608
3700		- hmacs = memdup_user(optval, optlen);
3701		- if (IS_ERR(hmacs))
3702		- return PTR_ERR(hmacs);
3703		-
3704	3609	idents = hmacs->shmac_num_idents;
3705	3610	if (idents == 0 \|\| idents > SCTP_AUTH_NUM_HMACS \|\|
3706		- (idents * sizeof(u16)) > (optlen - sizeof(struct sctp_hmacalgo))) {
3707		- err = -EINVAL;
3708		- goto out;
3709		- }
	3611	+ (idents * sizeof(u16)) > (optlen - sizeof(struct sctp_hmacalgo)))
	3612	+ return -EINVAL;
3710	3613
3711		- err = sctp_auth_ep_set_hmacs(ep, hmacs);
3712		-out:
3713		- kfree(hmacs);
3714		- return err;
	3614	+ return sctp_auth_ep_set_hmacs(ep, hmacs);
3715	3615	}
3716	3616
3717	3617	/*
..	..	@@ -3721,43 +3621,57 @@
3721	3621	* association shared key.
3722	3622	*/
3723	3623	static int sctp_setsockopt_auth_key(struct sock *sk,
3724		- char __user *optval,
	3624	+ struct sctp_authkey *authkey,
3725	3625	unsigned int optlen)
3726	3626	{
3727	3627	struct sctp_endpoint *ep = sctp_sk(sk)->ep;
3728		- struct sctp_authkey *authkey;
3729	3628	struct sctp_association *asoc;
3730		- int ret;
3731		-
3732		- if (!ep->auth_enable)
3733		- return -EACCES;
	3629	+ int ret = -EINVAL;
3734	3630
3735	3631	if (optlen <= sizeof(struct sctp_authkey))
3736	3632	return -EINVAL;
3737	3633	/* authkey->sca_keylength is u16, so optlen can't be bigger than
3738	3634	* this.
3739	3635	*/
3740		- optlen = min_t(unsigned int, optlen, USHRT_MAX +
3741		- sizeof(struct sctp_authkey));
	3636	+ optlen = min_t(unsigned int, optlen, USHRT_MAX + sizeof(*authkey));
3742	3637
3743		- authkey = memdup_user(optval, optlen);
3744		- if (IS_ERR(authkey))
3745		- return PTR_ERR(authkey);
3746		-
3747		- if (authkey->sca_keylength > optlen - sizeof(struct sctp_authkey)) {
3748		- ret = -EINVAL;
	3638	+ if (authkey->sca_keylength > optlen - sizeof(*authkey))
3749	3639	goto out;
3750		- }
3751	3640
3752	3641	asoc = sctp_id2assoc(sk, authkey->sca_assoc_id);
3753		- if (!asoc && authkey->sca_assoc_id && sctp_style(sk, UDP)) {
3754		- ret = -EINVAL;
	3642	+ if (!asoc && authkey->sca_assoc_id > SCTP_ALL_ASSOC &&
	3643	+ sctp_style(sk, UDP))
	3644	+ goto out;
	3645	+
	3646	+ if (asoc) {
	3647	+ ret = sctp_auth_set_key(ep, asoc, authkey);
3755	3648	goto out;
3756	3649	}
3757	3650
3758		- ret = sctp_auth_set_key(ep, asoc, authkey);
	3651	+ if (sctp_style(sk, TCP))
	3652	+ authkey->sca_assoc_id = SCTP_FUTURE_ASSOC;
	3653	+
	3654	+ if (authkey->sca_assoc_id == SCTP_FUTURE_ASSOC \|\|
	3655	+ authkey->sca_assoc_id == SCTP_ALL_ASSOC) {
	3656	+ ret = sctp_auth_set_key(ep, asoc, authkey);
	3657	+ if (ret)
	3658	+ goto out;
	3659	+ }
	3660	+
	3661	+ ret = 0;
	3662	+
	3663	+ if (authkey->sca_assoc_id == SCTP_CURRENT_ASSOC \|\|
	3664	+ authkey->sca_assoc_id == SCTP_ALL_ASSOC) {
	3665	+ list_for_each_entry(asoc, &ep->asocs, asocs) {
	3666	+ int res = sctp_auth_set_key(ep, asoc, authkey);
	3667	+
	3668	+ if (res && !ret)
	3669	+ ret = res;
	3670	+ }
	3671	+ }
	3672	+
3759	3673	out:
3760		- kzfree(authkey);
	3674	+ memzero_explicit(authkey, optlen);
3761	3675	return ret;
3762	3676	}
3763	3677
..	..	@@ -3768,26 +3682,46 @@
3768	3682	* the association shared key.
3769	3683	*/
3770	3684	static int sctp_setsockopt_active_key(struct sock *sk,
3771		- char __user *optval,
	3685	+ struct sctp_authkeyid *val,
3772	3686	unsigned int optlen)
3773	3687	{
3774	3688	struct sctp_endpoint *ep = sctp_sk(sk)->ep;
3775		- struct sctp_authkeyid val;
3776	3689	struct sctp_association *asoc;
3777		-
3778		- if (!ep->auth_enable)
3779		- return -EACCES;
	3690	+ int ret = 0;
3780	3691
3781	3692	if (optlen != sizeof(struct sctp_authkeyid))
3782	3693	return -EINVAL;
3783		- if (copy_from_user(&val, optval, optlen))
3784		- return -EFAULT;
3785	3694
3786		- asoc = sctp_id2assoc(sk, val.scact_assoc_id);
3787		- if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))
	3695	+ asoc = sctp_id2assoc(sk, val->scact_assoc_id);
	3696	+ if (!asoc && val->scact_assoc_id > SCTP_ALL_ASSOC &&
	3697	+ sctp_style(sk, UDP))
3788	3698	return -EINVAL;
3789	3699
3790		- return sctp_auth_set_active_key(ep, asoc, val.scact_keynumber);
	3700	+ if (asoc)
	3701	+ return sctp_auth_set_active_key(ep, asoc, val->scact_keynumber);
	3702	+
	3703	+ if (sctp_style(sk, TCP))
	3704	+ val->scact_assoc_id = SCTP_FUTURE_ASSOC;
	3705	+
	3706	+ if (val->scact_assoc_id == SCTP_FUTURE_ASSOC \|\|
	3707	+ val->scact_assoc_id == SCTP_ALL_ASSOC) {
	3708	+ ret = sctp_auth_set_active_key(ep, asoc, val->scact_keynumber);
	3709	+ if (ret)
	3710	+ return ret;
	3711	+ }
	3712	+
	3713	+ if (val->scact_assoc_id == SCTP_CURRENT_ASSOC \|\|
	3714	+ val->scact_assoc_id == SCTP_ALL_ASSOC) {
	3715	+ list_for_each_entry(asoc, &ep->asocs, asocs) {
	3716	+ int res = sctp_auth_set_active_key(ep, asoc,
	3717	+ val->scact_keynumber);
	3718	+
	3719	+ if (res && !ret)
	3720	+ ret = res;
	3721	+ }
	3722	+ }
	3723	+
	3724	+ return ret;
3791	3725	}
3792	3726
3793	3727	/*
..	..	@@ -3796,27 +3730,46 @@
3796	3730	* This set option will delete a shared secret key from use.
3797	3731	*/
3798	3732	static int sctp_setsockopt_del_key(struct sock *sk,
3799		- char __user *optval,
	3733	+ struct sctp_authkeyid *val,
3800	3734	unsigned int optlen)
3801	3735	{
3802	3736	struct sctp_endpoint *ep = sctp_sk(sk)->ep;
3803		- struct sctp_authkeyid val;
3804	3737	struct sctp_association *asoc;
3805		-
3806		- if (!ep->auth_enable)
3807		- return -EACCES;
	3738	+ int ret = 0;
3808	3739
3809	3740	if (optlen != sizeof(struct sctp_authkeyid))
3810	3741	return -EINVAL;
3811		- if (copy_from_user(&val, optval, optlen))
3812		- return -EFAULT;
3813	3742
3814		- asoc = sctp_id2assoc(sk, val.scact_assoc_id);
3815		- if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))
	3743	+ asoc = sctp_id2assoc(sk, val->scact_assoc_id);
	3744	+ if (!asoc && val->scact_assoc_id > SCTP_ALL_ASSOC &&
	3745	+ sctp_style(sk, UDP))
3816	3746	return -EINVAL;
3817	3747
3818		- return sctp_auth_del_key_id(ep, asoc, val.scact_keynumber);
	3748	+ if (asoc)
	3749	+ return sctp_auth_del_key_id(ep, asoc, val->scact_keynumber);
3819	3750
	3751	+ if (sctp_style(sk, TCP))
	3752	+ val->scact_assoc_id = SCTP_FUTURE_ASSOC;
	3753	+
	3754	+ if (val->scact_assoc_id == SCTP_FUTURE_ASSOC \|\|
	3755	+ val->scact_assoc_id == SCTP_ALL_ASSOC) {
	3756	+ ret = sctp_auth_del_key_id(ep, asoc, val->scact_keynumber);
	3757	+ if (ret)
	3758	+ return ret;
	3759	+ }
	3760	+
	3761	+ if (val->scact_assoc_id == SCTP_CURRENT_ASSOC \|\|
	3762	+ val->scact_assoc_id == SCTP_ALL_ASSOC) {
	3763	+ list_for_each_entry(asoc, &ep->asocs, asocs) {
	3764	+ int res = sctp_auth_del_key_id(ep, asoc,
	3765	+ val->scact_keynumber);
	3766	+
	3767	+ if (res && !ret)
	3768	+ ret = res;
	3769	+ }
	3770	+ }
	3771	+
	3772	+ return ret;
3820	3773	}
3821	3774
3822	3775	/*
..	..	@@ -3824,26 +3777,47 @@
3824	3777	*
3825	3778	* This set option will deactivate a shared secret key.
3826	3779	*/
3827		-static int sctp_setsockopt_deactivate_key(struct sock sk, char __user optval,
	3780	+static int sctp_setsockopt_deactivate_key(struct sock *sk,
	3781	+ struct sctp_authkeyid *val,
3828	3782	unsigned int optlen)
3829	3783	{
3830	3784	struct sctp_endpoint *ep = sctp_sk(sk)->ep;
3831		- struct sctp_authkeyid val;
3832	3785	struct sctp_association *asoc;
3833		-
3834		- if (!ep->auth_enable)
3835		- return -EACCES;
	3786	+ int ret = 0;
3836	3787
3837	3788	if (optlen != sizeof(struct sctp_authkeyid))
3838	3789	return -EINVAL;
3839		- if (copy_from_user(&val, optval, optlen))
3840		- return -EFAULT;
3841	3790
3842		- asoc = sctp_id2assoc(sk, val.scact_assoc_id);
3843		- if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))
	3791	+ asoc = sctp_id2assoc(sk, val->scact_assoc_id);
	3792	+ if (!asoc && val->scact_assoc_id > SCTP_ALL_ASSOC &&
	3793	+ sctp_style(sk, UDP))
3844	3794	return -EINVAL;
3845	3795
3846		- return sctp_auth_deact_key_id(ep, asoc, val.scact_keynumber);
	3796	+ if (asoc)
	3797	+ return sctp_auth_deact_key_id(ep, asoc, val->scact_keynumber);
	3798	+
	3799	+ if (sctp_style(sk, TCP))
	3800	+ val->scact_assoc_id = SCTP_FUTURE_ASSOC;
	3801	+
	3802	+ if (val->scact_assoc_id == SCTP_FUTURE_ASSOC \|\|
	3803	+ val->scact_assoc_id == SCTP_ALL_ASSOC) {
	3804	+ ret = sctp_auth_deact_key_id(ep, asoc, val->scact_keynumber);
	3805	+ if (ret)
	3806	+ return ret;
	3807	+ }
	3808	+
	3809	+ if (val->scact_assoc_id == SCTP_CURRENT_ASSOC \|\|
	3810	+ val->scact_assoc_id == SCTP_ALL_ASSOC) {
	3811	+ list_for_each_entry(asoc, &ep->asocs, asocs) {
	3812	+ int res = sctp_auth_deact_key_id(ep, asoc,
	3813	+ val->scact_keynumber);
	3814	+
	3815	+ if (res && !ret)
	3816	+ ret = res;
	3817	+ }
	3818	+ }
	3819	+
	3820	+ return ret;
3847	3821	}
3848	3822
3849	3823	/*
..	..	@@ -3860,26 +3834,23 @@
3860	3834	* Note. In this implementation, socket operation overrides default parameter
3861	3835	* being set by sysctl as well as FreeBSD implementation
3862	3836	*/
3863		-static int sctp_setsockopt_auto_asconf(struct sock sk, char __user optval,
	3837	+static int sctp_setsockopt_auto_asconf(struct sock sk, int val,
3864	3838	unsigned int optlen)
3865	3839	{
3866		- int val;
3867	3840	struct sctp_sock *sp = sctp_sk(sk);
3868	3841
3869	3842	if (optlen < sizeof(int))
3870	3843	return -EINVAL;
3871		- if (get_user(val, (int __user *)optval))
3872		- return -EFAULT;
3873		- if (!sctp_is_ep_boundall(sk) && val)
	3844	+ if (!sctp_is_ep_boundall(sk) && *val)
3874	3845	return -EINVAL;
3875		- if ((val && sp->do_auto_asconf) \|\| (!val && !sp->do_auto_asconf))
	3846	+ if ((val && sp->do_auto_asconf) \|\| (!val && !sp->do_auto_asconf))
3876	3847	return 0;
3877	3848
3878	3849	spin_lock_bh(&sock_net(sk)->sctp.addr_wq_lock);
3879		- if (val == 0 && sp->do_auto_asconf) {
	3850	+ if (*val == 0 && sp->do_auto_asconf) {
3880	3851	list_del(&sp->auto_asconf_list);
3881	3852	sp->do_auto_asconf = 0;
3882		- } else if (val && !sp->do_auto_asconf) {
	3853	+ } else if (*val && !sp->do_auto_asconf) {
3883	3854	list_add_tail(&sp->auto_asconf_list,
3884	3855	&sock_net(sk)->sctp.auto_asconf_splist);
3885	3856	sp->do_auto_asconf = 1;
..	..	@@ -3896,164 +3867,177 @@
3896	3867	* http://www.ietf.org/id/draft-nishida-tsvwg-sctp-failover-05.txt
3897	3868	*/
3898	3869	static int sctp_setsockopt_paddr_thresholds(struct sock *sk,
3899		- char __user *optval,
3900		- unsigned int optlen)
	3870	+ struct sctp_paddrthlds_v2 *val,
	3871	+ unsigned int optlen, bool v2)
3901	3872	{
3902		- struct sctp_paddrthlds val;
3903	3873	struct sctp_transport *trans;
3904	3874	struct sctp_association *asoc;
	3875	+ int len;
3905	3876
3906		- if (optlen < sizeof(struct sctp_paddrthlds))
	3877	+ len = v2 ? sizeof(*val) : sizeof(struct sctp_paddrthlds);
	3878	+ if (optlen < len)
3907	3879	return -EINVAL;
3908		- if (copy_from_user(&val, (struct sctp_paddrthlds __user *)optval,
3909		- sizeof(struct sctp_paddrthlds)))
3910		- return -EFAULT;
3911	3880
	3881	+ if (v2 && val->spt_pathpfthld > val->spt_pathcpthld)
	3882	+ return -EINVAL;
3912	3883
3913		- if (sctp_is_any(sk, (const union sctp_addr *)&val.spt_address)) {
3914		- asoc = sctp_id2assoc(sk, val.spt_assoc_id);
3915		- if (!asoc)
3916		- return -ENOENT;
3917		- list_for_each_entry(trans, &asoc->peer.transport_addr_list,
3918		- transports) {
3919		- if (val.spt_pathmaxrxt)
3920		- trans->pathmaxrxt = val.spt_pathmaxrxt;
3921		- trans->pf_retrans = val.spt_pathpfthld;
3922		- }
3923		-
3924		- if (val.spt_pathmaxrxt)
3925		- asoc->pathmaxrxt = val.spt_pathmaxrxt;
3926		- asoc->pf_retrans = val.spt_pathpfthld;
3927		- } else {
3928		- trans = sctp_addr_id2transport(sk, &val.spt_address,
3929		- val.spt_assoc_id);
	3884	+ if (!sctp_is_any(sk, (const union sctp_addr *)&val->spt_address)) {
	3885	+ trans = sctp_addr_id2transport(sk, &val->spt_address,
	3886	+ val->spt_assoc_id);
3930	3887	if (!trans)
3931	3888	return -ENOENT;
3932	3889
3933		- if (val.spt_pathmaxrxt)
3934		- trans->pathmaxrxt = val.spt_pathmaxrxt;
3935		- trans->pf_retrans = val.spt_pathpfthld;
	3890	+ if (val->spt_pathmaxrxt)
	3891	+ trans->pathmaxrxt = val->spt_pathmaxrxt;
	3892	+ if (v2)
	3893	+ trans->ps_retrans = val->spt_pathcpthld;
	3894	+ trans->pf_retrans = val->spt_pathpfthld;
	3895	+
	3896	+ return 0;
	3897	+ }
	3898	+
	3899	+ asoc = sctp_id2assoc(sk, val->spt_assoc_id);
	3900	+ if (!asoc && val->spt_assoc_id != SCTP_FUTURE_ASSOC &&
	3901	+ sctp_style(sk, UDP))
	3902	+ return -EINVAL;
	3903	+
	3904	+ if (asoc) {
	3905	+ list_for_each_entry(trans, &asoc->peer.transport_addr_list,
	3906	+ transports) {
	3907	+ if (val->spt_pathmaxrxt)
	3908	+ trans->pathmaxrxt = val->spt_pathmaxrxt;
	3909	+ if (v2)
	3910	+ trans->ps_retrans = val->spt_pathcpthld;
	3911	+ trans->pf_retrans = val->spt_pathpfthld;
	3912	+ }
	3913	+
	3914	+ if (val->spt_pathmaxrxt)
	3915	+ asoc->pathmaxrxt = val->spt_pathmaxrxt;
	3916	+ if (v2)
	3917	+ asoc->ps_retrans = val->spt_pathcpthld;
	3918	+ asoc->pf_retrans = val->spt_pathpfthld;
	3919	+ } else {
	3920	+ struct sctp_sock *sp = sctp_sk(sk);
	3921	+
	3922	+ if (val->spt_pathmaxrxt)
	3923	+ sp->pathmaxrxt = val->spt_pathmaxrxt;
	3924	+ if (v2)
	3925	+ sp->ps_retrans = val->spt_pathcpthld;
	3926	+ sp->pf_retrans = val->spt_pathpfthld;
3936	3927	}
3937	3928
3938	3929	return 0;
3939	3930	}
3940	3931
3941		-static int sctp_setsockopt_recvrcvinfo(struct sock *sk,
3942		- char __user *optval,
	3932	+static int sctp_setsockopt_recvrcvinfo(struct sock sk, int val,
3943	3933	unsigned int optlen)
3944	3934	{
3945		- int val;
3946		-
3947	3935	if (optlen < sizeof(int))
3948	3936	return -EINVAL;
3949		- if (get_user(val, (int __user *) optval))
3950		- return -EFAULT;
3951	3937
3952		- sctp_sk(sk)->recvrcvinfo = (val == 0) ? 0 : 1;
	3938	+ sctp_sk(sk)->recvrcvinfo = (*val == 0) ? 0 : 1;
3953	3939
3954	3940	return 0;
3955	3941	}
3956	3942
3957		-static int sctp_setsockopt_recvnxtinfo(struct sock *sk,
3958		- char __user *optval,
	3943	+static int sctp_setsockopt_recvnxtinfo(struct sock sk, int val,
3959	3944	unsigned int optlen)
3960	3945	{
3961		- int val;
3962		-
3963	3946	if (optlen < sizeof(int))
3964	3947	return -EINVAL;
3965		- if (get_user(val, (int __user *) optval))
3966		- return -EFAULT;
3967	3948
3968		- sctp_sk(sk)->recvnxtinfo = (val == 0) ? 0 : 1;
	3949	+ sctp_sk(sk)->recvnxtinfo = (*val == 0) ? 0 : 1;
3969	3950
3970	3951	return 0;
3971	3952	}
3972	3953
3973	3954	static int sctp_setsockopt_pr_supported(struct sock *sk,
3974		- char __user *optval,
	3955	+ struct sctp_assoc_value *params,
3975	3956	unsigned int optlen)
3976	3957	{
3977		- struct sctp_assoc_value params;
	3958	+ struct sctp_association *asoc;
3978	3959
3979		- if (optlen != sizeof(params))
	3960	+ if (optlen != sizeof(*params))
3980	3961	return -EINVAL;
3981	3962
3982		- if (copy_from_user(&params, optval, optlen))
3983		- return -EFAULT;
	3963	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	3964	+ if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC &&
	3965	+ sctp_style(sk, UDP))
	3966	+ return -EINVAL;
3984	3967
3985		- sctp_sk(sk)->ep->prsctp_enable = !!params.assoc_value;
	3968	+ sctp_sk(sk)->ep->prsctp_enable = !!params->assoc_value;
3986	3969
3987	3970	return 0;
3988	3971	}
3989	3972
3990	3973	static int sctp_setsockopt_default_prinfo(struct sock *sk,
3991		- char __user *optval,
	3974	+ struct sctp_default_prinfo *info,
3992	3975	unsigned int optlen)
3993	3976	{
3994		- struct sctp_default_prinfo info;
	3977	+ struct sctp_sock *sp = sctp_sk(sk);
3995	3978	struct sctp_association *asoc;
3996	3979	int retval = -EINVAL;
3997	3980
3998		- if (optlen != sizeof(info))
	3981	+ if (optlen != sizeof(*info))
3999	3982	goto out;
4000	3983
4001		- if (copy_from_user(&info, optval, sizeof(info))) {
4002		- retval = -EFAULT;
4003		- goto out;
4004		- }
4005		-
4006		- if (info.pr_policy & ~SCTP_PR_SCTP_MASK)
	3984	+ if (info->pr_policy & ~SCTP_PR_SCTP_MASK)
4007	3985	goto out;
4008	3986
4009		- if (info.pr_policy == SCTP_PR_SCTP_NONE)
4010		- info.pr_value = 0;
	3987	+ if (info->pr_policy == SCTP_PR_SCTP_NONE)
	3988	+ info->pr_value = 0;
4011	3989
4012		- asoc = sctp_id2assoc(sk, info.pr_assoc_id);
4013		- if (asoc) {
4014		- SCTP_PR_SET_POLICY(asoc->default_flags, info.pr_policy);
4015		- asoc->default_timetolive = info.pr_value;
4016		- } else if (!info.pr_assoc_id) {
4017		- struct sctp_sock *sp = sctp_sk(sk);
4018		-
4019		- SCTP_PR_SET_POLICY(sp->default_flags, info.pr_policy);
4020		- sp->default_timetolive = info.pr_value;
4021		- } else {
	3990	+ asoc = sctp_id2assoc(sk, info->pr_assoc_id);
	3991	+ if (!asoc && info->pr_assoc_id > SCTP_ALL_ASSOC &&
	3992	+ sctp_style(sk, UDP))
4022	3993	goto out;
4023		- }
4024	3994
4025	3995	retval = 0;
	3996	+
	3997	+ if (asoc) {
	3998	+ SCTP_PR_SET_POLICY(asoc->default_flags, info->pr_policy);
	3999	+ asoc->default_timetolive = info->pr_value;
	4000	+ goto out;
	4001	+ }
	4002	+
	4003	+ if (sctp_style(sk, TCP))
	4004	+ info->pr_assoc_id = SCTP_FUTURE_ASSOC;
	4005	+
	4006	+ if (info->pr_assoc_id == SCTP_FUTURE_ASSOC \|\|
	4007	+ info->pr_assoc_id == SCTP_ALL_ASSOC) {
	4008	+ SCTP_PR_SET_POLICY(sp->default_flags, info->pr_policy);
	4009	+ sp->default_timetolive = info->pr_value;
	4010	+ }
	4011	+
	4012	+ if (info->pr_assoc_id == SCTP_CURRENT_ASSOC \|\|
	4013	+ info->pr_assoc_id == SCTP_ALL_ASSOC) {
	4014	+ list_for_each_entry(asoc, &sp->ep->asocs, asocs) {
	4015	+ SCTP_PR_SET_POLICY(asoc->default_flags,
	4016	+ info->pr_policy);
	4017	+ asoc->default_timetolive = info->pr_value;
	4018	+ }
	4019	+ }
4026	4020
4027	4021	out:
4028	4022	return retval;
4029	4023	}
4030	4024
4031	4025	static int sctp_setsockopt_reconfig_supported(struct sock *sk,
4032		- char __user *optval,
	4026	+ struct sctp_assoc_value *params,
4033	4027	unsigned int optlen)
4034	4028	{
4035		- struct sctp_assoc_value params;
4036	4029	struct sctp_association *asoc;
4037	4030	int retval = -EINVAL;
4038	4031
4039		- if (optlen != sizeof(params))
	4032	+ if (optlen != sizeof(*params))
4040	4033	goto out;
4041	4034
4042		- if (copy_from_user(&params, optval, optlen)) {
4043		- retval = -EFAULT;
	4035	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	4036	+ if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC &&
	4037	+ sctp_style(sk, UDP))
4044	4038	goto out;
4045		- }
4046	4039
4047		- asoc = sctp_id2assoc(sk, params.assoc_id);
4048		- if (asoc) {
4049		- asoc->reconf_enable = !!params.assoc_value;
4050		- } else if (!params.assoc_id) {
4051		- struct sctp_sock *sp = sctp_sk(sk);
4052		-
4053		- sp->ep->reconf_enable = !!params.assoc_value;
4054		- } else {
4055		- goto out;
4056		- }
	4040	+ sctp_sk(sk)->ep->reconf_enable = !!params->assoc_value;
4057	4041
4058	4042	retval = 0;
4059	4043
..	..	@@ -4062,48 +4046,52 @@
4062	4046	}
4063	4047
4064	4048	static int sctp_setsockopt_enable_strreset(struct sock *sk,
4065		- char __user *optval,
	4049	+ struct sctp_assoc_value *params,
4066	4050	unsigned int optlen)
4067	4051	{
4068		- struct sctp_assoc_value params;
	4052	+ struct sctp_endpoint *ep = sctp_sk(sk)->ep;
4069	4053	struct sctp_association *asoc;
4070	4054	int retval = -EINVAL;
4071	4055
4072		- if (optlen != sizeof(params))
	4056	+ if (optlen != sizeof(*params))
4073	4057	goto out;
4074	4058
4075		- if (copy_from_user(&params, optval, optlen)) {
4076		- retval = -EFAULT;
4077		- goto out;
4078		- }
4079		-
4080		- if (params.assoc_value & (~SCTP_ENABLE_STRRESET_MASK))
	4059	+ if (params->assoc_value & (~SCTP_ENABLE_STRRESET_MASK))
4081	4060	goto out;
4082	4061
4083		- asoc = sctp_id2assoc(sk, params.assoc_id);
4084		- if (asoc) {
4085		- asoc->strreset_enable = params.assoc_value;
4086		- } else if (!params.assoc_id) {
4087		- struct sctp_sock *sp = sctp_sk(sk);
4088		-
4089		- sp->ep->strreset_enable = params.assoc_value;
4090		- } else {
	4062	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	4063	+ if (!asoc && params->assoc_id > SCTP_ALL_ASSOC &&
	4064	+ sctp_style(sk, UDP))
4091	4065	goto out;
4092		- }
4093	4066
4094	4067	retval = 0;
	4068	+
	4069	+ if (asoc) {
	4070	+ asoc->strreset_enable = params->assoc_value;
	4071	+ goto out;
	4072	+ }
	4073	+
	4074	+ if (sctp_style(sk, TCP))
	4075	+ params->assoc_id = SCTP_FUTURE_ASSOC;
	4076	+
	4077	+ if (params->assoc_id == SCTP_FUTURE_ASSOC \|\|
	4078	+ params->assoc_id == SCTP_ALL_ASSOC)
	4079	+ ep->strreset_enable = params->assoc_value;
	4080	+
	4081	+ if (params->assoc_id == SCTP_CURRENT_ASSOC \|\|
	4082	+ params->assoc_id == SCTP_ALL_ASSOC)
	4083	+ list_for_each_entry(asoc, &ep->asocs, asocs)
	4084	+ asoc->strreset_enable = params->assoc_value;
4095	4085
4096	4086	out:
4097	4087	return retval;
4098	4088	}
4099	4089
4100	4090	static int sctp_setsockopt_reset_streams(struct sock *sk,
4101		- char __user *optval,
	4091	+ struct sctp_reset_streams *params,
4102	4092	unsigned int optlen)
4103	4093	{
4104		- struct sctp_reset_streams *params;
4105	4094	struct sctp_association *asoc;
4106		- int retval = -EINVAL;
4107	4095
4108	4096	if (optlen < sizeof(*params))
4109	4097	return -EINVAL;
..	..	@@ -4111,174 +4099,151 @@
4111	4099	optlen = min_t(unsigned int, optlen, USHRT_MAX +
4112	4100	sizeof(__u16) * sizeof(*params));
4113	4101
4114		- params = memdup_user(optval, optlen);
4115		- if (IS_ERR(params))
4116		- return PTR_ERR(params);
4117		-
4118	4102	if (params->srs_number_streams * sizeof(__u16) >
4119	4103	optlen - sizeof(*params))
4120		- goto out;
	4104	+ return -EINVAL;
4121	4105
4122	4106	asoc = sctp_id2assoc(sk, params->srs_assoc_id);
4123	4107	if (!asoc)
4124		- goto out;
	4108	+ return -EINVAL;
4125	4109
4126		- retval = sctp_send_reset_streams(asoc, params);
4127		-
4128		-out:
4129		- kfree(params);
4130		- return retval;
	4110	+ return sctp_send_reset_streams(asoc, params);
4131	4111	}
4132	4112
4133		-static int sctp_setsockopt_reset_assoc(struct sock *sk,
4134		- char __user *optval,
	4113	+static int sctp_setsockopt_reset_assoc(struct sock sk, sctp_assoc_t associd,
4135	4114	unsigned int optlen)
4136	4115	{
4137	4116	struct sctp_association *asoc;
4138		- sctp_assoc_t associd;
4139		- int retval = -EINVAL;
4140	4117
4141		- if (optlen != sizeof(associd))
4142		- goto out;
	4118	+ if (optlen != sizeof(*associd))
	4119	+ return -EINVAL;
4143	4120
4144		- if (copy_from_user(&associd, optval, optlen)) {
4145		- retval = -EFAULT;
4146		- goto out;
4147		- }
4148		-
4149		- asoc = sctp_id2assoc(sk, associd);
	4121	+ asoc = sctp_id2assoc(sk, *associd);
4150	4122	if (!asoc)
4151		- goto out;
	4123	+ return -EINVAL;
4152	4124
4153		- retval = sctp_send_reset_assoc(asoc);
4154		-
4155		-out:
4156		- return retval;
	4125	+ return sctp_send_reset_assoc(asoc);
4157	4126	}
4158	4127
4159	4128	static int sctp_setsockopt_add_streams(struct sock *sk,
4160		- char __user *optval,
	4129	+ struct sctp_add_streams *params,
4161	4130	unsigned int optlen)
4162	4131	{
4163	4132	struct sctp_association *asoc;
4164		- struct sctp_add_streams params;
4165		- int retval = -EINVAL;
4166	4133
4167		- if (optlen != sizeof(params))
4168		- goto out;
	4134	+ if (optlen != sizeof(*params))
	4135	+ return -EINVAL;
4169	4136
4170		- if (copy_from_user(&params, optval, optlen)) {
4171		- retval = -EFAULT;
4172		- goto out;
4173		- }
4174		-
4175		- asoc = sctp_id2assoc(sk, params.sas_assoc_id);
	4137	+ asoc = sctp_id2assoc(sk, params->sas_assoc_id);
4176	4138	if (!asoc)
4177		- goto out;
	4139	+ return -EINVAL;
4178	4140
4179		- retval = sctp_send_add_streams(asoc, &params);
4180		-
4181		-out:
4182		- return retval;
	4141	+ return sctp_send_add_streams(asoc, params);
4183	4142	}
4184	4143
4185	4144	static int sctp_setsockopt_scheduler(struct sock *sk,
4186		- char __user *optval,
	4145	+ struct sctp_assoc_value *params,
4187	4146	unsigned int optlen)
4188	4147	{
	4148	+ struct sctp_sock *sp = sctp_sk(sk);
4189	4149	struct sctp_association *asoc;
4190		- struct sctp_assoc_value params;
4191		- int retval = -EINVAL;
	4150	+ int retval = 0;
4192	4151
4193		- if (optlen < sizeof(params))
4194		- goto out;
	4152	+ if (optlen < sizeof(*params))
	4153	+ return -EINVAL;
4195	4154
4196		- optlen = sizeof(params);
4197		- if (copy_from_user(&params, optval, optlen)) {
4198		- retval = -EFAULT;
4199		- goto out;
	4155	+ if (params->assoc_value > SCTP_SS_MAX)
	4156	+ return -EINVAL;
	4157	+
	4158	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	4159	+ if (!asoc && params->assoc_id > SCTP_ALL_ASSOC &&
	4160	+ sctp_style(sk, UDP))
	4161	+ return -EINVAL;
	4162	+
	4163	+ if (asoc)
	4164	+ return sctp_sched_set_sched(asoc, params->assoc_value);
	4165	+
	4166	+ if (sctp_style(sk, TCP))
	4167	+ params->assoc_id = SCTP_FUTURE_ASSOC;
	4168	+
	4169	+ if (params->assoc_id == SCTP_FUTURE_ASSOC \|\|
	4170	+ params->assoc_id == SCTP_ALL_ASSOC)
	4171	+ sp->default_ss = params->assoc_value;
	4172	+
	4173	+ if (params->assoc_id == SCTP_CURRENT_ASSOC \|\|
	4174	+ params->assoc_id == SCTP_ALL_ASSOC) {
	4175	+ list_for_each_entry(asoc, &sp->ep->asocs, asocs) {
	4176	+ int ret = sctp_sched_set_sched(asoc,
	4177	+ params->assoc_value);
	4178	+
	4179	+ if (ret && !retval)
	4180	+ retval = ret;
	4181	+ }
4200	4182	}
4201	4183
4202		- if (params.assoc_value > SCTP_SS_MAX)
4203		- goto out;
4204		-
4205		- asoc = sctp_id2assoc(sk, params.assoc_id);
4206		- if (!asoc)
4207		- goto out;
4208		-
4209		- retval = sctp_sched_set_sched(asoc, params.assoc_value);
4210		-
4211		-out:
4212	4184	return retval;
4213	4185	}
4214	4186
4215	4187	static int sctp_setsockopt_scheduler_value(struct sock *sk,
4216		- char __user *optval,
	4188	+ struct sctp_stream_value *params,
4217	4189	unsigned int optlen)
4218	4190	{
4219	4191	struct sctp_association *asoc;
4220		- struct sctp_stream_value params;
4221	4192	int retval = -EINVAL;
4222	4193
4223		- if (optlen < sizeof(params))
	4194	+ if (optlen < sizeof(*params))
4224	4195	goto out;
4225	4196
4226		- optlen = sizeof(params);
4227		- if (copy_from_user(&params, optval, optlen)) {
4228		- retval = -EFAULT;
	4197	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	4198	+ if (!asoc && params->assoc_id != SCTP_CURRENT_ASSOC &&
	4199	+ sctp_style(sk, UDP))
	4200	+ goto out;
	4201	+
	4202	+ if (asoc) {
	4203	+ retval = sctp_sched_set_value(asoc, params->stream_id,
	4204	+ params->stream_value, GFP_KERNEL);
4229	4205	goto out;
4230	4206	}
4231	4207
4232		- asoc = sctp_id2assoc(sk, params.assoc_id);
4233		- if (!asoc)
4234		- goto out;
	4208	+ retval = 0;
4235	4209
4236		- retval = sctp_sched_set_value(asoc, params.stream_id,
4237		- params.stream_value, GFP_KERNEL);
	4210	+ list_for_each_entry(asoc, &sctp_sk(sk)->ep->asocs, asocs) {
	4211	+ int ret = sctp_sched_set_value(asoc, params->stream_id,
	4212	+ params->stream_value,
	4213	+ GFP_KERNEL);
	4214	+ if (ret && !retval) /* try to return the 1st error. */
	4215	+ retval = ret;
	4216	+ }
4238	4217
4239	4218	out:
4240	4219	return retval;
4241	4220	}
4242	4221
4243	4222	static int sctp_setsockopt_interleaving_supported(struct sock *sk,
4244		- char __user *optval,
	4223	+ struct sctp_assoc_value *p,
4245	4224	unsigned int optlen)
4246	4225	{
4247	4226	struct sctp_sock *sp = sctp_sk(sk);
4248		- struct net *net = sock_net(sk);
4249		- struct sctp_assoc_value params;
4250		- int retval = -EINVAL;
	4227	+ struct sctp_association *asoc;
4251	4228
4252		- if (optlen < sizeof(params))
4253		- goto out;
	4229	+ if (optlen < sizeof(*p))
	4230	+ return -EINVAL;
4254	4231
4255		- optlen = sizeof(params);
4256		- if (copy_from_user(&params, optval, optlen)) {
4257		- retval = -EFAULT;
4258		- goto out;
	4232	+ asoc = sctp_id2assoc(sk, p->assoc_id);
	4233	+ if (!asoc && p->assoc_id != SCTP_FUTURE_ASSOC && sctp_style(sk, UDP))
	4234	+ return -EINVAL;
	4235	+
	4236	+ if (!sock_net(sk)->sctp.intl_enable \|\| !sp->frag_interleave) {
	4237	+ return -EPERM;
4259	4238	}
4260	4239
4261		- if (params.assoc_id)
4262		- goto out;
4263		-
4264		- if (!net->sctp.intl_enable \|\| !sp->frag_interleave) {
4265		- retval = -EPERM;
4266		- goto out;
4267		- }
4268		-
4269		- sp->strm_interleave = !!params.assoc_value;
4270		-
4271		- retval = 0;
4272		-
4273		-out:
4274		- return retval;
	4240	+ sp->ep->intl_enable = !!p->assoc_value;
	4241	+ return 0;
4275	4242	}
4276	4243
4277		-static int sctp_setsockopt_reuse_port(struct sock sk, char __user optval,
	4244	+static int sctp_setsockopt_reuse_port(struct sock sk, int val,
4278	4245	unsigned int optlen)
4279	4246	{
4280		- int val;
4281		-
4282	4247	if (!sctp_style(sk, TCP))
4283	4248	return -EOPNOTSUPP;
4284	4249
..	..	@@ -4288,12 +4253,187 @@
4288	4253	if (optlen < sizeof(int))
4289	4254	return -EINVAL;
4290	4255
4291		- if (get_user(val, (int __user *)optval))
4292		- return -EFAULT;
4293		-
4294		- sctp_sk(sk)->reuse = !!val;
	4256	+ sctp_sk(sk)->reuse = !!*val;
4295	4257
4296	4258	return 0;
	4259	+}
	4260	+
	4261	+static int sctp_assoc_ulpevent_type_set(struct sctp_event *param,
	4262	+ struct sctp_association *asoc)
	4263	+{
	4264	+ struct sctp_ulpevent *event;
	4265	+
	4266	+ sctp_ulpevent_type_set(&asoc->subscribe, param->se_type, param->se_on);
	4267	+
	4268	+ if (param->se_type == SCTP_SENDER_DRY_EVENT && param->se_on) {
	4269	+ if (sctp_outq_is_empty(&asoc->outqueue)) {
	4270	+ event = sctp_ulpevent_make_sender_dry_event(asoc,
	4271	+ GFP_USER \| __GFP_NOWARN);
	4272	+ if (!event)
	4273	+ return -ENOMEM;
	4274	+
	4275	+ asoc->stream.si->enqueue_event(&asoc->ulpq, event);
	4276	+ }
	4277	+ }
	4278	+
	4279	+ return 0;
	4280	+}
	4281	+
	4282	+static int sctp_setsockopt_event(struct sock sk, struct sctp_event param,
	4283	+ unsigned int optlen)
	4284	+{
	4285	+ struct sctp_sock *sp = sctp_sk(sk);
	4286	+ struct sctp_association *asoc;
	4287	+ int retval = 0;
	4288	+
	4289	+ if (optlen < sizeof(*param))
	4290	+ return -EINVAL;
	4291	+
	4292	+ if (param->se_type < SCTP_SN_TYPE_BASE \|\|
	4293	+ param->se_type > SCTP_SN_TYPE_MAX)
	4294	+ return -EINVAL;
	4295	+
	4296	+ asoc = sctp_id2assoc(sk, param->se_assoc_id);
	4297	+ if (!asoc && param->se_assoc_id > SCTP_ALL_ASSOC &&
	4298	+ sctp_style(sk, UDP))
	4299	+ return -EINVAL;
	4300	+
	4301	+ if (asoc)
	4302	+ return sctp_assoc_ulpevent_type_set(param, asoc);
	4303	+
	4304	+ if (sctp_style(sk, TCP))
	4305	+ param->se_assoc_id = SCTP_FUTURE_ASSOC;
	4306	+
	4307	+ if (param->se_assoc_id == SCTP_FUTURE_ASSOC \|\|
	4308	+ param->se_assoc_id == SCTP_ALL_ASSOC)
	4309	+ sctp_ulpevent_type_set(&sp->subscribe,
	4310	+ param->se_type, param->se_on);
	4311	+
	4312	+ if (param->se_assoc_id == SCTP_CURRENT_ASSOC \|\|
	4313	+ param->se_assoc_id == SCTP_ALL_ASSOC) {
	4314	+ list_for_each_entry(asoc, &sp->ep->asocs, asocs) {
	4315	+ int ret = sctp_assoc_ulpevent_type_set(param, asoc);
	4316	+
	4317	+ if (ret && !retval)
	4318	+ retval = ret;
	4319	+ }
	4320	+ }
	4321	+
	4322	+ return retval;
	4323	+}
	4324	+
	4325	+static int sctp_setsockopt_asconf_supported(struct sock *sk,
	4326	+ struct sctp_assoc_value *params,
	4327	+ unsigned int optlen)
	4328	+{
	4329	+ struct sctp_association *asoc;
	4330	+ struct sctp_endpoint *ep;
	4331	+ int retval = -EINVAL;
	4332	+
	4333	+ if (optlen != sizeof(*params))
	4334	+ goto out;
	4335	+
	4336	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	4337	+ if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC &&
	4338	+ sctp_style(sk, UDP))
	4339	+ goto out;
	4340	+
	4341	+ ep = sctp_sk(sk)->ep;
	4342	+ ep->asconf_enable = !!params->assoc_value;
	4343	+
	4344	+ if (ep->asconf_enable && ep->auth_enable) {
	4345	+ sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF);
	4346	+ sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF_ACK);
	4347	+ }
	4348	+
	4349	+ retval = 0;
	4350	+
	4351	+out:
	4352	+ return retval;
	4353	+}
	4354	+
	4355	+static int sctp_setsockopt_auth_supported(struct sock *sk,
	4356	+ struct sctp_assoc_value *params,
	4357	+ unsigned int optlen)
	4358	+{
	4359	+ struct sctp_association *asoc;
	4360	+ struct sctp_endpoint *ep;
	4361	+ int retval = -EINVAL;
	4362	+
	4363	+ if (optlen != sizeof(*params))
	4364	+ goto out;
	4365	+
	4366	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	4367	+ if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC &&
	4368	+ sctp_style(sk, UDP))
	4369	+ goto out;
	4370	+
	4371	+ ep = sctp_sk(sk)->ep;
	4372	+ if (params->assoc_value) {
	4373	+ retval = sctp_auth_init(ep, GFP_KERNEL);
	4374	+ if (retval)
	4375	+ goto out;
	4376	+ if (ep->asconf_enable) {
	4377	+ sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF);
	4378	+ sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF_ACK);
	4379	+ }
	4380	+ }
	4381	+
	4382	+ ep->auth_enable = !!params->assoc_value;
	4383	+ retval = 0;
	4384	+
	4385	+out:
	4386	+ return retval;
	4387	+}
	4388	+
	4389	+static int sctp_setsockopt_ecn_supported(struct sock *sk,
	4390	+ struct sctp_assoc_value *params,
	4391	+ unsigned int optlen)
	4392	+{
	4393	+ struct sctp_association *asoc;
	4394	+ int retval = -EINVAL;
	4395	+
	4396	+ if (optlen != sizeof(*params))
	4397	+ goto out;
	4398	+
	4399	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	4400	+ if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC &&
	4401	+ sctp_style(sk, UDP))
	4402	+ goto out;
	4403	+
	4404	+ sctp_sk(sk)->ep->ecn_enable = !!params->assoc_value;
	4405	+ retval = 0;
	4406	+
	4407	+out:
	4408	+ return retval;
	4409	+}
	4410	+
	4411	+static int sctp_setsockopt_pf_expose(struct sock *sk,
	4412	+ struct sctp_assoc_value *params,
	4413	+ unsigned int optlen)
	4414	+{
	4415	+ struct sctp_association *asoc;
	4416	+ int retval = -EINVAL;
	4417	+
	4418	+ if (optlen != sizeof(*params))
	4419	+ goto out;
	4420	+
	4421	+ if (params->assoc_value > SCTP_PF_EXPOSE_MAX)
	4422	+ goto out;
	4423	+
	4424	+ asoc = sctp_id2assoc(sk, params->assoc_id);
	4425	+ if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC &&
	4426	+ sctp_style(sk, UDP))
	4427	+ goto out;
	4428	+
	4429	+ if (asoc)
	4430	+ asoc->pf_expose = params->assoc_value;
	4431	+ else
	4432	+ sctp_sk(sk)->pf_expose = params->assoc_value;
	4433	+ retval = 0;
	4434	+
	4435	+out:
	4436	+ return retval;
4297	4437	}
4298	4438
4299	4439	/* API 6.2 setsockopt(), getsockopt()
..	..	@@ -4316,8 +4456,9 @@
4316	4456	* optlen - the size of the buffer.
4317	4457	*/
4318	4458	static int sctp_setsockopt(struct sock *sk, int level, int optname,
4319		- char __user *optval, unsigned int optlen)
	4459	+ sockptr_t optval, unsigned int optlen)
4320	4460	{
	4461	+ void *kopt = NULL;
4321	4462	int retval = 0;
4322	4463
4323	4464	pr_debug("%s: sk:%p, optname:%d\n", __func__, sk, optname);
..	..	@@ -4330,8 +4471,18 @@
4330	4471	*/
4331	4472	if (level != SOL_SCTP) {
4332	4473	struct sctp_af *af = sctp_sk(sk)->pf->af;
4333		- retval = af->setsockopt(sk, level, optname, optval, optlen);
4334		- goto out_nounlock;
	4474	+
	4475	+ return af->setsockopt(sk, level, optname, optval, optlen);
	4476	+ }
	4477	+
	4478	+ if (optlen > 0) {
	4479	+ /* Trim it to the biggest size sctp sockopt may need if necessary */
	4480	+ optlen = min_t(unsigned int, optlen,
	4481	+ PAGE_ALIGN(USHRT_MAX +
	4482	+ sizeof(__u16) * sizeof(struct sctp_reset_streams)));
	4483	+ kopt = memdup_sockptr(optval, optlen);
	4484	+ if (IS_ERR(kopt))
	4485	+ return PTR_ERR(kopt);
4335	4486	}
4336	4487
4337	4488	lock_sock(sk);
..	..	@@ -4339,159 +4490,174 @@
4339	4490	switch (optname) {
4340	4491	case SCTP_SOCKOPT_BINDX_ADD:
4341	4492	/* 'optlen' is the size of the addresses buffer. */
4342		- retval = sctp_setsockopt_bindx(sk, (struct sockaddr __user *)optval,
4343		- optlen, SCTP_BINDX_ADD_ADDR);
	4493	+ retval = sctp_setsockopt_bindx(sk, kopt, optlen,
	4494	+ SCTP_BINDX_ADD_ADDR);
4344	4495	break;
4345	4496
4346	4497	case SCTP_SOCKOPT_BINDX_REM:
4347	4498	/* 'optlen' is the size of the addresses buffer. */
4348		- retval = sctp_setsockopt_bindx(sk, (struct sockaddr __user *)optval,
4349		- optlen, SCTP_BINDX_REM_ADDR);
	4499	+ retval = sctp_setsockopt_bindx(sk, kopt, optlen,
	4500	+ SCTP_BINDX_REM_ADDR);
4350	4501	break;
4351	4502
4352	4503	case SCTP_SOCKOPT_CONNECTX_OLD:
4353	4504	/* 'optlen' is the size of the addresses buffer. */
4354		- retval = sctp_setsockopt_connectx_old(sk,
4355		- (struct sockaddr __user *)optval,
4356		- optlen);
	4505	+ retval = sctp_setsockopt_connectx_old(sk, kopt, optlen);
4357	4506	break;
4358	4507
4359	4508	case SCTP_SOCKOPT_CONNECTX:
4360	4509	/* 'optlen' is the size of the addresses buffer. */
4361		- retval = sctp_setsockopt_connectx(sk,
4362		- (struct sockaddr __user *)optval,
4363		- optlen);
	4510	+ retval = sctp_setsockopt_connectx(sk, kopt, optlen);
4364	4511	break;
4365	4512
4366	4513	case SCTP_DISABLE_FRAGMENTS:
4367		- retval = sctp_setsockopt_disable_fragments(sk, optval, optlen);
	4514	+ retval = sctp_setsockopt_disable_fragments(sk, kopt, optlen);
4368	4515	break;
4369	4516
4370	4517	case SCTP_EVENTS:
4371		- retval = sctp_setsockopt_events(sk, optval, optlen);
	4518	+ retval = sctp_setsockopt_events(sk, kopt, optlen);
4372	4519	break;
4373	4520
4374	4521	case SCTP_AUTOCLOSE:
4375		- retval = sctp_setsockopt_autoclose(sk, optval, optlen);
	4522	+ retval = sctp_setsockopt_autoclose(sk, kopt, optlen);
4376	4523	break;
4377	4524
4378	4525	case SCTP_PEER_ADDR_PARAMS:
4379		- retval = sctp_setsockopt_peer_addr_params(sk, optval, optlen);
	4526	+ retval = sctp_setsockopt_peer_addr_params(sk, kopt, optlen);
4380	4527	break;
4381	4528
4382	4529	case SCTP_DELAYED_SACK:
4383		- retval = sctp_setsockopt_delayed_ack(sk, optval, optlen);
	4530	+ retval = sctp_setsockopt_delayed_ack(sk, kopt, optlen);
4384	4531	break;
4385	4532	case SCTP_PARTIAL_DELIVERY_POINT:
4386		- retval = sctp_setsockopt_partial_delivery_point(sk, optval, optlen);
	4533	+ retval = sctp_setsockopt_partial_delivery_point(sk, kopt, optlen);
4387	4534	break;
4388	4535
4389	4536	case SCTP_INITMSG:
4390		- retval = sctp_setsockopt_initmsg(sk, optval, optlen);
	4537	+ retval = sctp_setsockopt_initmsg(sk, kopt, optlen);
4391	4538	break;
4392	4539	case SCTP_DEFAULT_SEND_PARAM:
4393		- retval = sctp_setsockopt_default_send_param(sk, optval,
4394		- optlen);
	4540	+ retval = sctp_setsockopt_default_send_param(sk, kopt, optlen);
4395	4541	break;
4396	4542	case SCTP_DEFAULT_SNDINFO:
4397		- retval = sctp_setsockopt_default_sndinfo(sk, optval, optlen);
	4543	+ retval = sctp_setsockopt_default_sndinfo(sk, kopt, optlen);
4398	4544	break;
4399	4545	case SCTP_PRIMARY_ADDR:
4400		- retval = sctp_setsockopt_primary_addr(sk, optval, optlen);
	4546	+ retval = sctp_setsockopt_primary_addr(sk, kopt, optlen);
4401	4547	break;
4402	4548	case SCTP_SET_PEER_PRIMARY_ADDR:
4403		- retval = sctp_setsockopt_peer_primary_addr(sk, optval, optlen);
	4549	+ retval = sctp_setsockopt_peer_primary_addr(sk, kopt, optlen);
4404	4550	break;
4405	4551	case SCTP_NODELAY:
4406		- retval = sctp_setsockopt_nodelay(sk, optval, optlen);
	4552	+ retval = sctp_setsockopt_nodelay(sk, kopt, optlen);
4407	4553	break;
4408	4554	case SCTP_RTOINFO:
4409		- retval = sctp_setsockopt_rtoinfo(sk, optval, optlen);
	4555	+ retval = sctp_setsockopt_rtoinfo(sk, kopt, optlen);
4410	4556	break;
4411	4557	case SCTP_ASSOCINFO:
4412		- retval = sctp_setsockopt_associnfo(sk, optval, optlen);
	4558	+ retval = sctp_setsockopt_associnfo(sk, kopt, optlen);
4413	4559	break;
4414	4560	case SCTP_I_WANT_MAPPED_V4_ADDR:
4415		- retval = sctp_setsockopt_mappedv4(sk, optval, optlen);
	4561	+ retval = sctp_setsockopt_mappedv4(sk, kopt, optlen);
4416	4562	break;
4417	4563	case SCTP_MAXSEG:
4418		- retval = sctp_setsockopt_maxseg(sk, optval, optlen);
	4564	+ retval = sctp_setsockopt_maxseg(sk, kopt, optlen);
4419	4565	break;
4420	4566	case SCTP_ADAPTATION_LAYER:
4421		- retval = sctp_setsockopt_adaptation_layer(sk, optval, optlen);
	4567	+ retval = sctp_setsockopt_adaptation_layer(sk, kopt, optlen);
4422	4568	break;
4423	4569	case SCTP_CONTEXT:
4424		- retval = sctp_setsockopt_context(sk, optval, optlen);
	4570	+ retval = sctp_setsockopt_context(sk, kopt, optlen);
4425	4571	break;
4426	4572	case SCTP_FRAGMENT_INTERLEAVE:
4427		- retval = sctp_setsockopt_fragment_interleave(sk, optval, optlen);
	4573	+ retval = sctp_setsockopt_fragment_interleave(sk, kopt, optlen);
4428	4574	break;
4429	4575	case SCTP_MAX_BURST:
4430		- retval = sctp_setsockopt_maxburst(sk, optval, optlen);
	4576	+ retval = sctp_setsockopt_maxburst(sk, kopt, optlen);
4431	4577	break;
4432	4578	case SCTP_AUTH_CHUNK:
4433		- retval = sctp_setsockopt_auth_chunk(sk, optval, optlen);
	4579	+ retval = sctp_setsockopt_auth_chunk(sk, kopt, optlen);
4434	4580	break;
4435	4581	case SCTP_HMAC_IDENT:
4436		- retval = sctp_setsockopt_hmac_ident(sk, optval, optlen);
	4582	+ retval = sctp_setsockopt_hmac_ident(sk, kopt, optlen);
4437	4583	break;
4438	4584	case SCTP_AUTH_KEY:
4439		- retval = sctp_setsockopt_auth_key(sk, optval, optlen);
	4585	+ retval = sctp_setsockopt_auth_key(sk, kopt, optlen);
4440	4586	break;
4441	4587	case SCTP_AUTH_ACTIVE_KEY:
4442		- retval = sctp_setsockopt_active_key(sk, optval, optlen);
	4588	+ retval = sctp_setsockopt_active_key(sk, kopt, optlen);
4443	4589	break;
4444	4590	case SCTP_AUTH_DELETE_KEY:
4445		- retval = sctp_setsockopt_del_key(sk, optval, optlen);
	4591	+ retval = sctp_setsockopt_del_key(sk, kopt, optlen);
4446	4592	break;
4447	4593	case SCTP_AUTH_DEACTIVATE_KEY:
4448		- retval = sctp_setsockopt_deactivate_key(sk, optval, optlen);
	4594	+ retval = sctp_setsockopt_deactivate_key(sk, kopt, optlen);
4449	4595	break;
4450	4596	case SCTP_AUTO_ASCONF:
4451		- retval = sctp_setsockopt_auto_asconf(sk, optval, optlen);
	4597	+ retval = sctp_setsockopt_auto_asconf(sk, kopt, optlen);
4452	4598	break;
4453	4599	case SCTP_PEER_ADDR_THLDS:
4454		- retval = sctp_setsockopt_paddr_thresholds(sk, optval, optlen);
	4600	+ retval = sctp_setsockopt_paddr_thresholds(sk, kopt, optlen,
	4601	+ false);
	4602	+ break;
	4603	+ case SCTP_PEER_ADDR_THLDS_V2:
	4604	+ retval = sctp_setsockopt_paddr_thresholds(sk, kopt, optlen,
	4605	+ true);
4455	4606	break;
4456	4607	case SCTP_RECVRCVINFO:
4457		- retval = sctp_setsockopt_recvrcvinfo(sk, optval, optlen);
	4608	+ retval = sctp_setsockopt_recvrcvinfo(sk, kopt, optlen);
4458	4609	break;
4459	4610	case SCTP_RECVNXTINFO:
4460		- retval = sctp_setsockopt_recvnxtinfo(sk, optval, optlen);
	4611	+ retval = sctp_setsockopt_recvnxtinfo(sk, kopt, optlen);
4461	4612	break;
4462	4613	case SCTP_PR_SUPPORTED:
4463		- retval = sctp_setsockopt_pr_supported(sk, optval, optlen);
	4614	+ retval = sctp_setsockopt_pr_supported(sk, kopt, optlen);
4464	4615	break;
4465	4616	case SCTP_DEFAULT_PRINFO:
4466		- retval = sctp_setsockopt_default_prinfo(sk, optval, optlen);
	4617	+ retval = sctp_setsockopt_default_prinfo(sk, kopt, optlen);
4467	4618	break;
4468	4619	case SCTP_RECONFIG_SUPPORTED:
4469		- retval = sctp_setsockopt_reconfig_supported(sk, optval, optlen);
	4620	+ retval = sctp_setsockopt_reconfig_supported(sk, kopt, optlen);
4470	4621	break;
4471	4622	case SCTP_ENABLE_STREAM_RESET:
4472		- retval = sctp_setsockopt_enable_strreset(sk, optval, optlen);
	4623	+ retval = sctp_setsockopt_enable_strreset(sk, kopt, optlen);
4473	4624	break;
4474	4625	case SCTP_RESET_STREAMS:
4475		- retval = sctp_setsockopt_reset_streams(sk, optval, optlen);
	4626	+ retval = sctp_setsockopt_reset_streams(sk, kopt, optlen);
4476	4627	break;
4477	4628	case SCTP_RESET_ASSOC:
4478		- retval = sctp_setsockopt_reset_assoc(sk, optval, optlen);
	4629	+ retval = sctp_setsockopt_reset_assoc(sk, kopt, optlen);
4479	4630	break;
4480	4631	case SCTP_ADD_STREAMS:
4481		- retval = sctp_setsockopt_add_streams(sk, optval, optlen);
	4632	+ retval = sctp_setsockopt_add_streams(sk, kopt, optlen);
4482	4633	break;
4483	4634	case SCTP_STREAM_SCHEDULER:
4484		- retval = sctp_setsockopt_scheduler(sk, optval, optlen);
	4635	+ retval = sctp_setsockopt_scheduler(sk, kopt, optlen);
4485	4636	break;
4486	4637	case SCTP_STREAM_SCHEDULER_VALUE:
4487		- retval = sctp_setsockopt_scheduler_value(sk, optval, optlen);
	4638	+ retval = sctp_setsockopt_scheduler_value(sk, kopt, optlen);
4488	4639	break;
4489	4640	case SCTP_INTERLEAVING_SUPPORTED:
4490		- retval = sctp_setsockopt_interleaving_supported(sk, optval,
	4641	+ retval = sctp_setsockopt_interleaving_supported(sk, kopt,
4491	4642	optlen);
4492	4643	break;
4493	4644	case SCTP_REUSE_PORT:
4494		- retval = sctp_setsockopt_reuse_port(sk, optval, optlen);
	4645	+ retval = sctp_setsockopt_reuse_port(sk, kopt, optlen);
	4646	+ break;
	4647	+ case SCTP_EVENT:
	4648	+ retval = sctp_setsockopt_event(sk, kopt, optlen);
	4649	+ break;
	4650	+ case SCTP_ASCONF_SUPPORTED:
	4651	+ retval = sctp_setsockopt_asconf_supported(sk, kopt, optlen);
	4652	+ break;
	4653	+ case SCTP_AUTH_SUPPORTED:
	4654	+ retval = sctp_setsockopt_auth_supported(sk, kopt, optlen);
	4655	+ break;
	4656	+ case SCTP_ECN_SUPPORTED:
	4657	+ retval = sctp_setsockopt_ecn_supported(sk, kopt, optlen);
	4658	+ break;
	4659	+ case SCTP_EXPOSE_POTENTIALLY_FAILED_STATE:
	4660	+ retval = sctp_setsockopt_pf_expose(sk, kopt, optlen);
4495	4661	break;
4496	4662	default:
4497	4663	retval = -ENOPROTOOPT;
..	..	@@ -4499,8 +4665,7 @@
4499	4665	}
4500	4666
4501	4667	release_sock(sk);
4502		-
4503		-out_nounlock:
	4668	+ kfree(kopt);
4504	4669	return retval;
4505	4670	}
4506	4671
..	..	@@ -4527,7 +4692,6 @@
4527	4692	int err = -EINVAL;
4528	4693
4529	4694	lock_sock(sk);
4530		-
4531	4695	pr_debug("%s: sk:%p, sockaddr:%p, addr_len:%d\n", __func__, sk,
4532	4696	addr, addr_len);
4533	4697
..	..	@@ -4609,7 +4773,11 @@
4609	4773	/* Populate the fields of the newsk from the oldsk and migrate the
4610	4774	* asoc to the newsk.
4611	4775	*/
4612		- sctp_sock_migrate(sk, newsk, asoc, SCTP_SOCKET_TCP);
	4776	+ error = sctp_sock_migrate(sk, newsk, asoc, SCTP_SOCKET_TCP);
	4777	+ if (error) {
	4778	+ sk_common_release(newsk);
	4779	+ newsk = NULL;
	4780	+ }
4613	4781
4614	4782	out:
4615	4783	release_sock(sk);
..	..	@@ -4725,19 +4893,23 @@
4725	4893	/* Initialize default event subscriptions. By default, all the
4726	4894	* options are off.
4727	4895	*/
4728		- memset(&sp->subscribe, 0, sizeof(struct sctp_event_subscribe));
	4896	+ sp->subscribe = 0;
4729	4897
4730	4898	/* Default Peer Address Parameters. These defaults can
4731	4899	* be modified via SCTP_PEER_ADDR_PARAMS
4732	4900	*/
4733	4901	sp->hbinterval = net->sctp.hb_interval;
4734	4902	sp->pathmaxrxt = net->sctp.max_retrans_path;
	4903	+ sp->pf_retrans = net->sctp.pf_retrans;
	4904	+ sp->ps_retrans = net->sctp.ps_retrans;
	4905	+ sp->pf_expose = net->sctp.pf_expose;
4735	4906	sp->pathmtu = 0; /* allow default discovery */
4736	4907	sp->sackdelay = net->sctp.sack_timeout;
4737	4908	sp->sackfreq = 2;
4738	4909	sp->param_flags = SPP_HB_ENABLE \|
4739	4910	SPP_PMTUD_ENABLE \|
4740	4911	SPP_SACKDELAY_ENABLE;
	4912	+ sp->default_ss = SCTP_SS_DEFAULT;
4741	4913
4742	4914	/* If enabled no SCTP message fragmentation will be performed.
4743	4915	* Configure through SCTP_DISABLE_FRAGMENTS socket option.
..	..	@@ -4956,14 +5128,14 @@
4956	5128	EXPORT_SYMBOL_GPL(sctp_get_sctp_info);
4957	5129
4958	5130	/* use callback to avoid exporting the core structure */
4959		-void sctp_transport_walk_start(struct rhashtable_iter *iter)
	5131	+void sctp_transport_walk_start(struct rhashtable_iter *iter) __acquires(RCU)
4960	5132	{
4961	5133	rhltable_walk_enter(&sctp_transport_hashtable, iter);
4962	5134
4963	5135	rhashtable_walk_start(iter);
4964	5136	}
4965	5137
4966		-void sctp_transport_walk_stop(struct rhashtable_iter *iter)
	5138	+void sctp_transport_walk_stop(struct rhashtable_iter *iter) __releases(RCU)
4967	5139	{
4968	5140	rhashtable_walk_stop(iter);
4969	5141	rhashtable_walk_exit(iter);
..	..	@@ -4985,7 +5157,7 @@
4985	5157	if (!sctp_transport_hold(t))
4986	5158	continue;
4987	5159
4988		- if (net_eq(sock_net(t->asoc->base.sk), net) &&
	5160	+ if (net_eq(t->asoc->base.net, net) &&
4989	5161	t->asoc->peer.primary_path == t)
4990	5162	break;
4991	5163
..	..	@@ -5205,8 +5377,16 @@
5205	5377
5206	5378	transport = sctp_addr_id2transport(sk, &pinfo.spinfo_address,
5207	5379	pinfo.spinfo_assoc_id);
5208		- if (!transport)
5209		- return -EINVAL;
	5380	+ if (!transport) {
	5381	+ retval = -EINVAL;
	5382	+ goto out;
	5383	+ }
	5384	+
	5385	+ if (transport->state == SCTP_PF &&
	5386	+ transport->asoc->pf_expose == SCTP_PF_EXPOSE_DISABLE) {
	5387	+ retval = -EACCES;
	5388	+ goto out;
	5389	+ }
5210	5390
5211	5391	pinfo.spinfo_assoc_id = sctp_assoc2id(transport->asoc);
5212	5392	pinfo.spinfo_state = transport->state;
..	..	@@ -5264,14 +5444,24 @@
5264	5444	static int sctp_getsockopt_events(struct sock sk, int len, char __user optval,
5265	5445	int __user *optlen)
5266	5446	{
	5447	+ struct sctp_event_subscribe subscribe;
	5448	+ __u8 sn_type = (__u8 )&subscribe;
	5449	+ int i;
	5450	+
5267	5451	if (len == 0)
5268	5452	return -EINVAL;
5269	5453	if (len > sizeof(struct sctp_event_subscribe))
5270	5454	len = sizeof(struct sctp_event_subscribe);
5271	5455	if (put_user(len, optlen))
5272	5456	return -EFAULT;
5273		- if (copy_to_user(optval, &sctp_sk(sk)->subscribe, len))
	5457	+
	5458	+ for (i = 0; i < len; i++)
	5459	+ sn_type[i] = sctp_ulpevent_type_enabled(sctp_sk(sk)->subscribe,
	5460	+ SCTP_SN_TYPE_BASE + i);
	5461	+
	5462	+ if (copy_to_user(optval, &subscribe, len))
5274	5463	return -EFAULT;
	5464	+
5275	5465	return 0;
5276	5466	}
5277	5467
..	..	@@ -5333,13 +5523,18 @@
5333	5523	* Set the daddr and initialize id to something more random and also
5334	5524	* copy over any ip options.
5335	5525	*/
5336		- sp->pf->to_sk_daddr(&asoc->peer.primary_addr, sk);
	5526	+ sp->pf->to_sk_daddr(&asoc->peer.primary_addr, sock->sk);
5337	5527	sp->pf->copy_ip_options(sk, sock->sk);
5338	5528
5339	5529	/* Populate the fields of the newsk from the oldsk and migrate the
5340	5530	* asoc to the newsk.
5341	5531	*/
5342		- sctp_sock_migrate(sk, sock->sk, asoc, SCTP_SOCKET_UDP_HIGH_BANDWIDTH);
	5532	+ err = sctp_sock_migrate(sk, sock->sk, asoc,
	5533	+ SCTP_SOCKET_UDP_HIGH_BANDWIDTH);
	5534	+ if (err) {
	5535	+ sock_release(sock);
	5536	+ sock = NULL;
	5537	+ }
5343	5538
5344	5539	*sockp = sock;
5345	5540
..	..	@@ -5615,12 +5810,13 @@
5615	5810	}
5616	5811	}
5617	5812
5618		- /* Get association, if assoc_id != 0 and the socket is a one
5619		- * to many style socket, and an association was not found, then
5620		- * the id was invalid.
	5813	+ /* Get association, if assoc_id != SCTP_FUTURE_ASSOC and the
	5814	+ * socket is a one to many style socket, and an association
	5815	+ * was not found, then the id was invalid.
5621	5816	*/
5622	5817	asoc = sctp_id2assoc(sk, params.spp_assoc_id);
5623		- if (!asoc && params.spp_assoc_id && sctp_style(sk, UDP)) {
	5818	+ if (!asoc && params.spp_assoc_id != SCTP_FUTURE_ASSOC &&
	5819	+ sctp_style(sk, UDP)) {
5624	5820	pr_debug("%s: failed no association\n", __func__);
5625	5821	return -EINVAL;
5626	5822	}
..	..	@@ -5749,19 +5945,19 @@
5749	5945	} else
5750	5946	return -EINVAL;
5751	5947
5752		- /* Get association, if sack_assoc_id != 0 and the socket is a one
5753		- * to many style socket, and an association was not found, then
5754		- * the id was invalid.
	5948	+ /* Get association, if sack_assoc_id != SCTP_FUTURE_ASSOC and the
	5949	+ * socket is a one to many style socket, and an association
	5950	+ * was not found, then the id was invalid.
5755	5951	*/
5756	5952	asoc = sctp_id2assoc(sk, params.sack_assoc_id);
5757		- if (!asoc && params.sack_assoc_id && sctp_style(sk, UDP))
	5953	+ if (!asoc && params.sack_assoc_id != SCTP_FUTURE_ASSOC &&
	5954	+ sctp_style(sk, UDP))
5758	5955	return -EINVAL;
5759	5956
5760	5957	if (asoc) {
5761	5958	/* Fetch association values. */
5762	5959	if (asoc->param_flags & SPP_SACKDELAY_ENABLE) {
5763		- params.sack_delay = jiffies_to_msecs(
5764		- asoc->sackdelay);
	5960	+ params.sack_delay = jiffies_to_msecs(asoc->sackdelay);
5765	5961	params.sack_freq = asoc->sackfreq;
5766	5962
5767	5963	} else {
..	..	@@ -6114,8 +6310,10 @@
6114	6310	return -EFAULT;
6115	6311
6116	6312	asoc = sctp_id2assoc(sk, info.sinfo_assoc_id);
6117		- if (!asoc && info.sinfo_assoc_id && sctp_style(sk, UDP))
	6313	+ if (!asoc && info.sinfo_assoc_id != SCTP_FUTURE_ASSOC &&
	6314	+ sctp_style(sk, UDP))
6118	6315	return -EINVAL;
	6316	+
6119	6317	if (asoc) {
6120	6318	info.sinfo_stream = asoc->default_stream;
6121	6319	info.sinfo_flags = asoc->default_flags;
..	..	@@ -6158,8 +6356,10 @@
6158	6356	return -EFAULT;
6159	6357
6160	6358	asoc = sctp_id2assoc(sk, info.snd_assoc_id);
6161		- if (!asoc && info.snd_assoc_id && sctp_style(sk, UDP))
	6359	+ if (!asoc && info.snd_assoc_id != SCTP_FUTURE_ASSOC &&
	6360	+ sctp_style(sk, UDP))
6162	6361	return -EINVAL;
	6362	+
6163	6363	if (asoc) {
6164	6364	info.snd_sid = asoc->default_stream;
6165	6365	info.snd_flags = asoc->default_flags;
..	..	@@ -6235,7 +6435,8 @@
6235	6435
6236	6436	asoc = sctp_id2assoc(sk, rtoinfo.srto_assoc_id);
6237	6437
6238		- if (!asoc && rtoinfo.srto_assoc_id && sctp_style(sk, UDP))
	6438	+ if (!asoc && rtoinfo.srto_assoc_id != SCTP_FUTURE_ASSOC &&
	6439	+ sctp_style(sk, UDP))
6239	6440	return -EINVAL;
6240	6441
6241	6442	/* Values corresponding to the specific association. */
..	..	@@ -6292,7 +6493,8 @@
6292	6493
6293	6494	asoc = sctp_id2assoc(sk, assocparams.sasoc_assoc_id);
6294	6495
6295		- if (!asoc && assocparams.sasoc_assoc_id && sctp_style(sk, UDP))
	6496	+ if (!asoc && assocparams.sasoc_assoc_id != SCTP_FUTURE_ASSOC &&
	6497	+ sctp_style(sk, UDP))
6296	6498	return -EINVAL;
6297	6499
6298	6500	/* Values correspoinding to the specific association */
..	..	@@ -6367,7 +6569,6 @@
6367	6569	char __user optval, int __user optlen)
6368	6570	{
6369	6571	struct sctp_assoc_value params;
6370		- struct sctp_sock *sp;
6371	6572	struct sctp_association *asoc;
6372	6573
6373	6574	if (len < sizeof(struct sctp_assoc_value))
..	..	@@ -6378,16 +6579,13 @@
6378	6579	if (copy_from_user(&params, optval, len))
6379	6580	return -EFAULT;
6380	6581
6381		- sp = sctp_sk(sk);
	6582	+ asoc = sctp_id2assoc(sk, params.assoc_id);
	6583	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	6584	+ sctp_style(sk, UDP))
	6585	+ return -EINVAL;
6382	6586
6383		- if (params.assoc_id != 0) {
6384		- asoc = sctp_id2assoc(sk, params.assoc_id);
6385		- if (!asoc)
6386		- return -EINVAL;
6387		- params.assoc_value = asoc->default_rcv_context;
6388		- } else {
6389		- params.assoc_value = sp->default_rcv_context;
6390		- }
	6587	+ params.assoc_value = asoc ? asoc->default_rcv_context
	6588	+ : sctp_sk(sk)->default_rcv_context;
6391	6589
6392	6590	if (put_user(len, optlen))
6393	6591	return -EFAULT;
..	..	@@ -6436,7 +6634,7 @@
6436	6634	"Use of int in maxseg socket option.\n"
6437	6635	"Use struct sctp_assoc_value instead\n",
6438	6636	current->comm, task_pid_nr(current));
6439		- params.assoc_id = 0;
	6637	+ params.assoc_id = SCTP_FUTURE_ASSOC;
6440	6638	} else if (len >= sizeof(struct sctp_assoc_value)) {
6441	6639	len = sizeof(struct sctp_assoc_value);
6442	6640	if (copy_from_user(&params, optval, len))
..	..	@@ -6445,7 +6643,8 @@
6445	6643	return -EINVAL;
6446	6644
6447	6645	asoc = sctp_id2assoc(sk, params.assoc_id);
6448		- if (!asoc && params.assoc_id && sctp_style(sk, UDP))
	6646	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	6647	+ sctp_style(sk, UDP))
6449	6648	return -EINVAL;
6450	6649
6451	6650	if (asoc)
..	..	@@ -6522,7 +6721,6 @@
6522	6721	int __user *optlen)
6523	6722	{
6524	6723	struct sctp_assoc_value params;
6525		- struct sctp_sock *sp;
6526	6724	struct sctp_association *asoc;
6527	6725
6528	6726	if (len == sizeof(int)) {
..	..	@@ -6531,7 +6729,7 @@
6531	6729	"Use of int in max_burst socket option.\n"
6532	6730	"Use struct sctp_assoc_value instead\n",
6533	6731	current->comm, task_pid_nr(current));
6534		- params.assoc_id = 0;
	6732	+ params.assoc_id = SCTP_FUTURE_ASSOC;
6535	6733	} else if (len >= sizeof(struct sctp_assoc_value)) {
6536	6734	len = sizeof(struct sctp_assoc_value);
6537	6735	if (copy_from_user(&params, optval, len))
..	..	@@ -6539,15 +6737,12 @@
6539	6737	} else
6540	6738	return -EINVAL;
6541	6739
6542		- sp = sctp_sk(sk);
	6740	+ asoc = sctp_id2assoc(sk, params.assoc_id);
	6741	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	6742	+ sctp_style(sk, UDP))
	6743	+ return -EINVAL;
6543	6744
6544		- if (params.assoc_id != 0) {
6545		- asoc = sctp_id2assoc(sk, params.assoc_id);
6546		- if (!asoc)
6547		- return -EINVAL;
6548		- params.assoc_value = asoc->max_burst;
6549		- } else
6550		- params.assoc_value = sp->max_burst;
	6745	+ params.assoc_value = asoc ? asoc->max_burst : sctp_sk(sk)->max_burst;
6551	6746
6552	6747	if (len == sizeof(int)) {
6553	6748	if (copy_to_user(optval, &params.assoc_value, len))
..	..	@@ -6604,9 +6799,6 @@
6604	6799	struct sctp_authkeyid val;
6605	6800	struct sctp_association *asoc;
6606	6801
6607		- if (!ep->auth_enable)
6608		- return -EACCES;
6609		-
6610	6802	if (len < sizeof(struct sctp_authkeyid))
6611	6803	return -EINVAL;
6612	6804
..	..	@@ -6618,10 +6810,15 @@
6618	6810	if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))
6619	6811	return -EINVAL;
6620	6812
6621		- if (asoc)
	6813	+ if (asoc) {
	6814	+ if (!asoc->peer.auth_capable)
	6815	+ return -EACCES;
6622	6816	val.scact_keynumber = asoc->active_key_id;
6623		- else
	6817	+ } else {
	6818	+ if (!ep->auth_enable)
	6819	+ return -EACCES;
6624	6820	val.scact_keynumber = ep->active_key_id;
	6821	+ }
6625	6822
6626	6823	if (put_user(len, optlen))
6627	6824	return -EFAULT;
..	..	@@ -6634,16 +6831,12 @@
6634	6831	static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
6635	6832	char __user optval, int __user optlen)
6636	6833	{
6637		- struct sctp_endpoint *ep = sctp_sk(sk)->ep;
6638	6834	struct sctp_authchunks __user p = (void __user )optval;
6639	6835	struct sctp_authchunks val;
6640	6836	struct sctp_association *asoc;
6641	6837	struct sctp_chunks_param *ch;
6642	6838	u32 num_chunks = 0;
6643	6839	char __user *to;
6644		-
6645		- if (!ep->auth_enable)
6646		- return -EACCES;
6647	6840
6648	6841	if (len < sizeof(struct sctp_authchunks))
6649	6842	return -EINVAL;
..	..	@@ -6655,6 +6848,9 @@
6655	6848	asoc = sctp_id2assoc(sk, val.gauth_assoc_id);
6656	6849	if (!asoc)
6657	6850	return -EINVAL;
	6851	+
	6852	+ if (!asoc->peer.auth_capable)
	6853	+ return -EACCES;
6658	6854
6659	6855	ch = asoc->peer.peer_chunks;
6660	6856	if (!ch)
..	..	@@ -6687,9 +6883,6 @@
6687	6883	u32 num_chunks = 0;
6688	6884	char __user *to;
6689	6885
6690		- if (!ep->auth_enable)
6691		- return -EACCES;
6692		-
6693	6886	if (len < sizeof(struct sctp_authchunks))
6694	6887	return -EINVAL;
6695	6888
..	..	@@ -6698,14 +6891,19 @@
6698	6891
6699	6892	to = p->gauth_chunks;
6700	6893	asoc = sctp_id2assoc(sk, val.gauth_assoc_id);
6701		- if (!asoc && val.gauth_assoc_id && sctp_style(sk, UDP))
	6894	+ if (!asoc && val.gauth_assoc_id != SCTP_FUTURE_ASSOC &&
	6895	+ sctp_style(sk, UDP))
6702	6896	return -EINVAL;
6703	6897
6704		- if (asoc)
	6898	+ if (asoc) {
	6899	+ if (!asoc->peer.auth_capable)
	6900	+ return -EACCES;
6705	6901	ch = (struct sctp_chunks_param *)asoc->c.auth_chunks;
6706		- else
	6902	+ } else {
	6903	+ if (!ep->auth_enable)
	6904	+ return -EACCES;
6707	6905	ch = ep->auth_chunk_list;
6708		-
	6906	+ }
6709	6907	if (!ch)
6710	6908	goto num;
6711	6909
..	..	@@ -6836,28 +7034,22 @@
6836	7034	* http://www.ietf.org/id/draft-nishida-tsvwg-sctp-failover-05.txt
6837	7035	*/
6838	7036	static int sctp_getsockopt_paddr_thresholds(struct sock *sk,
6839		- char __user *optval,
6840		- int len,
6841		- int __user *optlen)
	7037	+ char __user *optval, int len,
	7038	+ int __user *optlen, bool v2)
6842	7039	{
6843		- struct sctp_paddrthlds val;
	7040	+ struct sctp_paddrthlds_v2 val;
6844	7041	struct sctp_transport *trans;
6845	7042	struct sctp_association *asoc;
	7043	+ int min;
6846	7044
6847		- if (len < sizeof(struct sctp_paddrthlds))
	7045	+ min = v2 ? sizeof(val) : sizeof(struct sctp_paddrthlds);
	7046	+ if (len < min)
6848	7047	return -EINVAL;
6849		- len = sizeof(struct sctp_paddrthlds);
6850		- if (copy_from_user(&val, (struct sctp_paddrthlds __user *)optval, len))
	7048	+ len = min;
	7049	+ if (copy_from_user(&val, optval, len))
6851	7050	return -EFAULT;
6852	7051
6853		- if (sctp_is_any(sk, (const union sctp_addr *)&val.spt_address)) {
6854		- asoc = sctp_id2assoc(sk, val.spt_assoc_id);
6855		- if (!asoc)
6856		- return -ENOENT;
6857		-
6858		- val.spt_pathpfthld = asoc->pf_retrans;
6859		- val.spt_pathmaxrxt = asoc->pathmaxrxt;
6860		- } else {
	7052	+ if (!sctp_is_any(sk, (const union sctp_addr *)&val.spt_address)) {
6861	7053	trans = sctp_addr_id2transport(sk, &val.spt_address,
6862	7054	val.spt_assoc_id);
6863	7055	if (!trans)
..	..	@@ -6865,8 +7057,29 @@
6865	7057
6866	7058	val.spt_pathmaxrxt = trans->pathmaxrxt;
6867	7059	val.spt_pathpfthld = trans->pf_retrans;
	7060	+ val.spt_pathcpthld = trans->ps_retrans;
	7061	+
	7062	+ goto out;
6868	7063	}
6869	7064
	7065	+ asoc = sctp_id2assoc(sk, val.spt_assoc_id);
	7066	+ if (!asoc && val.spt_assoc_id != SCTP_FUTURE_ASSOC &&
	7067	+ sctp_style(sk, UDP))
	7068	+ return -EINVAL;
	7069	+
	7070	+ if (asoc) {
	7071	+ val.spt_pathpfthld = asoc->pf_retrans;
	7072	+ val.spt_pathmaxrxt = asoc->pathmaxrxt;
	7073	+ val.spt_pathcpthld = asoc->ps_retrans;
	7074	+ } else {
	7075	+ struct sctp_sock *sp = sctp_sk(sk);
	7076	+
	7077	+ val.spt_pathpfthld = sp->pf_retrans;
	7078	+ val.spt_pathmaxrxt = sp->pathmaxrxt;
	7079	+ val.spt_pathcpthld = sp->ps_retrans;
	7080	+ }
	7081	+
	7082	+out:
6870	7083	if (put_user(len, optlen) \|\| copy_to_user(optval, &val, len))
6871	7084	return -EFAULT;
6872	7085
..	..	@@ -6995,16 +7208,14 @@
6995	7208	goto out;
6996	7209
6997	7210	asoc = sctp_id2assoc(sk, params.assoc_id);
6998		- if (asoc) {
6999		- params.assoc_value = asoc->prsctp_enable;
7000		- } else if (!params.assoc_id) {
7001		- struct sctp_sock *sp = sctp_sk(sk);
7002		-
7003		- params.assoc_value = sp->ep->prsctp_enable;
7004		- } else {
	7211	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	7212	+ sctp_style(sk, UDP)) {
7005	7213	retval = -EINVAL;
7006	7214	goto out;
7007	7215	}
	7216	+
	7217	+ params.assoc_value = asoc ? asoc->peer.prsctp_capable
	7218	+ : sctp_sk(sk)->ep->prsctp_enable;
7008	7219
7009	7220	if (put_user(len, optlen))
7010	7221	goto out;
..	..	@@ -7036,17 +7247,20 @@
7036	7247	goto out;
7037	7248
7038	7249	asoc = sctp_id2assoc(sk, info.pr_assoc_id);
	7250	+ if (!asoc && info.pr_assoc_id != SCTP_FUTURE_ASSOC &&
	7251	+ sctp_style(sk, UDP)) {
	7252	+ retval = -EINVAL;
	7253	+ goto out;
	7254	+ }
	7255	+
7039	7256	if (asoc) {
7040	7257	info.pr_policy = SCTP_PR_POLICY(asoc->default_flags);
7041	7258	info.pr_value = asoc->default_timetolive;
7042		- } else if (!info.pr_assoc_id) {
	7259	+ } else {
7043	7260	struct sctp_sock *sp = sctp_sk(sk);
7044	7261
7045	7262	info.pr_policy = SCTP_PR_POLICY(sp->default_flags);
7046	7263	info.pr_value = sp->default_timetolive;
7047		- } else {
7048		- retval = -EINVAL;
7049		- goto out;
7050	7264	}
7051	7265
7052	7266	if (put_user(len, optlen))
..	..	@@ -7202,16 +7416,14 @@
7202	7416	goto out;
7203	7417
7204	7418	asoc = sctp_id2assoc(sk, params.assoc_id);
7205		- if (asoc) {
7206		- params.assoc_value = asoc->reconf_enable;
7207		- } else if (!params.assoc_id) {
7208		- struct sctp_sock *sp = sctp_sk(sk);
7209		-
7210		- params.assoc_value = sp->ep->reconf_enable;
7211		- } else {
	7419	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	7420	+ sctp_style(sk, UDP)) {
7212	7421	retval = -EINVAL;
7213	7422	goto out;
7214	7423	}
	7424	+
	7425	+ params.assoc_value = asoc ? asoc->peer.reconf_capable
	7426	+ : sctp_sk(sk)->ep->reconf_enable;
7215	7427
7216	7428	if (put_user(len, optlen))
7217	7429	goto out;
..	..	@@ -7243,16 +7455,14 @@
7243	7455	goto out;
7244	7456
7245	7457	asoc = sctp_id2assoc(sk, params.assoc_id);
7246		- if (asoc) {
7247		- params.assoc_value = asoc->strreset_enable;
7248		- } else if (!params.assoc_id) {
7249		- struct sctp_sock *sp = sctp_sk(sk);
7250		-
7251		- params.assoc_value = sp->ep->strreset_enable;
7252		- } else {
	7458	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	7459	+ sctp_style(sk, UDP)) {
7253	7460	retval = -EINVAL;
7254	7461	goto out;
7255	7462	}
	7463	+
	7464	+ params.assoc_value = asoc ? asoc->strreset_enable
	7465	+ : sctp_sk(sk)->ep->strreset_enable;
7256	7466
7257	7467	if (put_user(len, optlen))
7258	7468	goto out;
..	..	@@ -7284,12 +7494,14 @@
7284	7494	goto out;
7285	7495
7286	7496	asoc = sctp_id2assoc(sk, params.assoc_id);
7287		- if (!asoc) {
	7497	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	7498	+ sctp_style(sk, UDP)) {
7288	7499	retval = -EINVAL;
7289	7500	goto out;
7290	7501	}
7291	7502
7292		- params.assoc_value = sctp_sched_get_sched(asoc);
	7503	+ params.assoc_value = asoc ? sctp_sched_get_sched(asoc)
	7504	+ : sctp_sk(sk)->default_ss;
7293	7505
7294	7506	if (put_user(len, optlen))
7295	7507	goto out;
..	..	@@ -7363,16 +7575,14 @@
7363	7575	goto out;
7364	7576
7365	7577	asoc = sctp_id2assoc(sk, params.assoc_id);
7366		- if (asoc) {
7367		- params.assoc_value = asoc->intl_enable;
7368		- } else if (!params.assoc_id) {
7369		- struct sctp_sock *sp = sctp_sk(sk);
7370		-
7371		- params.assoc_value = sp->strm_interleave;
7372		- } else {
	7578	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	7579	+ sctp_style(sk, UDP)) {
7373	7580	retval = -EINVAL;
7374	7581	goto out;
7375	7582	}
	7583	+
	7584	+ params.assoc_value = asoc ? asoc->peer.intl_capable
	7585	+ : sctp_sk(sk)->ep->intl_enable;
7376	7586
7377	7587	if (put_user(len, optlen))
7378	7588	goto out;
..	..	@@ -7404,6 +7614,197 @@
7404	7614	return -EFAULT;
7405	7615
7406	7616	return 0;
	7617	+}
	7618	+
	7619	+static int sctp_getsockopt_event(struct sock sk, int len, char __user optval,
	7620	+ int __user *optlen)
	7621	+{
	7622	+ struct sctp_association *asoc;
	7623	+ struct sctp_event param;
	7624	+ __u16 subscribe;
	7625	+
	7626	+ if (len < sizeof(param))
	7627	+ return -EINVAL;
	7628	+
	7629	+ len = sizeof(param);
	7630	+ if (copy_from_user(&param, optval, len))
	7631	+ return -EFAULT;
	7632	+
	7633	+ if (param.se_type < SCTP_SN_TYPE_BASE \|\|
	7634	+ param.se_type > SCTP_SN_TYPE_MAX)
	7635	+ return -EINVAL;
	7636	+
	7637	+ asoc = sctp_id2assoc(sk, param.se_assoc_id);
	7638	+ if (!asoc && param.se_assoc_id != SCTP_FUTURE_ASSOC &&
	7639	+ sctp_style(sk, UDP))
	7640	+ return -EINVAL;
	7641	+
	7642	+ subscribe = asoc ? asoc->subscribe : sctp_sk(sk)->subscribe;
	7643	+ param.se_on = sctp_ulpevent_type_enabled(subscribe, param.se_type);
	7644	+
	7645	+ if (put_user(len, optlen))
	7646	+ return -EFAULT;
	7647	+
	7648	+ if (copy_to_user(optval, &param, len))
	7649	+ return -EFAULT;
	7650	+
	7651	+ return 0;
	7652	+}
	7653	+
	7654	+static int sctp_getsockopt_asconf_supported(struct sock *sk, int len,
	7655	+ char __user *optval,
	7656	+ int __user *optlen)
	7657	+{
	7658	+ struct sctp_assoc_value params;
	7659	+ struct sctp_association *asoc;
	7660	+ int retval = -EFAULT;
	7661	+
	7662	+ if (len < sizeof(params)) {
	7663	+ retval = -EINVAL;
	7664	+ goto out;
	7665	+ }
	7666	+
	7667	+ len = sizeof(params);
	7668	+ if (copy_from_user(&params, optval, len))
	7669	+ goto out;
	7670	+
	7671	+ asoc = sctp_id2assoc(sk, params.assoc_id);
	7672	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	7673	+ sctp_style(sk, UDP)) {
	7674	+ retval = -EINVAL;
	7675	+ goto out;
	7676	+ }
	7677	+
	7678	+ params.assoc_value = asoc ? asoc->peer.asconf_capable
	7679	+ : sctp_sk(sk)->ep->asconf_enable;
	7680	+
	7681	+ if (put_user(len, optlen))
	7682	+ goto out;
	7683	+
	7684	+ if (copy_to_user(optval, &params, len))
	7685	+ goto out;
	7686	+
	7687	+ retval = 0;
	7688	+
	7689	+out:
	7690	+ return retval;
	7691	+}
	7692	+
	7693	+static int sctp_getsockopt_auth_supported(struct sock *sk, int len,
	7694	+ char __user *optval,
	7695	+ int __user *optlen)
	7696	+{
	7697	+ struct sctp_assoc_value params;
	7698	+ struct sctp_association *asoc;
	7699	+ int retval = -EFAULT;
	7700	+
	7701	+ if (len < sizeof(params)) {
	7702	+ retval = -EINVAL;
	7703	+ goto out;
	7704	+ }
	7705	+
	7706	+ len = sizeof(params);
	7707	+ if (copy_from_user(&params, optval, len))
	7708	+ goto out;
	7709	+
	7710	+ asoc = sctp_id2assoc(sk, params.assoc_id);
	7711	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	7712	+ sctp_style(sk, UDP)) {
	7713	+ retval = -EINVAL;
	7714	+ goto out;
	7715	+ }
	7716	+
	7717	+ params.assoc_value = asoc ? asoc->peer.auth_capable
	7718	+ : sctp_sk(sk)->ep->auth_enable;
	7719	+
	7720	+ if (put_user(len, optlen))
	7721	+ goto out;
	7722	+
	7723	+ if (copy_to_user(optval, &params, len))
	7724	+ goto out;
	7725	+
	7726	+ retval = 0;
	7727	+
	7728	+out:
	7729	+ return retval;
	7730	+}
	7731	+
	7732	+static int sctp_getsockopt_ecn_supported(struct sock *sk, int len,
	7733	+ char __user *optval,
	7734	+ int __user *optlen)
	7735	+{
	7736	+ struct sctp_assoc_value params;
	7737	+ struct sctp_association *asoc;
	7738	+ int retval = -EFAULT;
	7739	+
	7740	+ if (len < sizeof(params)) {
	7741	+ retval = -EINVAL;
	7742	+ goto out;
	7743	+ }
	7744	+
	7745	+ len = sizeof(params);
	7746	+ if (copy_from_user(&params, optval, len))
	7747	+ goto out;
	7748	+
	7749	+ asoc = sctp_id2assoc(sk, params.assoc_id);
	7750	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	7751	+ sctp_style(sk, UDP)) {
	7752	+ retval = -EINVAL;
	7753	+ goto out;
	7754	+ }
	7755	+
	7756	+ params.assoc_value = asoc ? asoc->peer.ecn_capable
	7757	+ : sctp_sk(sk)->ep->ecn_enable;
	7758	+
	7759	+ if (put_user(len, optlen))
	7760	+ goto out;
	7761	+
	7762	+ if (copy_to_user(optval, &params, len))
	7763	+ goto out;
	7764	+
	7765	+ retval = 0;
	7766	+
	7767	+out:
	7768	+ return retval;
	7769	+}
	7770	+
	7771	+static int sctp_getsockopt_pf_expose(struct sock *sk, int len,
	7772	+ char __user *optval,
	7773	+ int __user *optlen)
	7774	+{
	7775	+ struct sctp_assoc_value params;
	7776	+ struct sctp_association *asoc;
	7777	+ int retval = -EFAULT;
	7778	+
	7779	+ if (len < sizeof(params)) {
	7780	+ retval = -EINVAL;
	7781	+ goto out;
	7782	+ }
	7783	+
	7784	+ len = sizeof(params);
	7785	+ if (copy_from_user(&params, optval, len))
	7786	+ goto out;
	7787	+
	7788	+ asoc = sctp_id2assoc(sk, params.assoc_id);
	7789	+ if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
	7790	+ sctp_style(sk, UDP)) {
	7791	+ retval = -EINVAL;
	7792	+ goto out;
	7793	+ }
	7794	+
	7795	+ params.assoc_value = asoc ? asoc->pf_expose
	7796	+ : sctp_sk(sk)->pf_expose;
	7797	+
	7798	+ if (put_user(len, optlen))
	7799	+ goto out;
	7800	+
	7801	+ if (copy_to_user(optval, &params, len))
	7802	+ goto out;
	7803	+
	7804	+ retval = 0;
	7805	+
	7806	+out:
	7807	+ return retval;
7407	7808	}
7408	7809
7409	7810	static int sctp_getsockopt(struct sock *sk, int level, int optname,
..	..	@@ -7555,7 +7956,12 @@
7555	7956	retval = sctp_getsockopt_auto_asconf(sk, len, optval, optlen);
7556	7957	break;
7557	7958	case SCTP_PEER_ADDR_THLDS:
7558		- retval = sctp_getsockopt_paddr_thresholds(sk, optval, len, optlen);
	7959	+ retval = sctp_getsockopt_paddr_thresholds(sk, optval, len,
	7960	+ optlen, false);
	7961	+ break;
	7962	+ case SCTP_PEER_ADDR_THLDS_V2:
	7963	+ retval = sctp_getsockopt_paddr_thresholds(sk, optval, len,
	7964	+ optlen, true);
7559	7965	break;
7560	7966	case SCTP_GET_ASSOC_STATS:
7561	7967	retval = sctp_getsockopt_assoc_stats(sk, len, optval, optlen);
..	..	@@ -7604,6 +8010,23 @@
7604	8010	case SCTP_REUSE_PORT:
7605	8011	retval = sctp_getsockopt_reuse_port(sk, len, optval, optlen);
7606	8012	break;
	8013	+ case SCTP_EVENT:
	8014	+ retval = sctp_getsockopt_event(sk, len, optval, optlen);
	8015	+ break;
	8016	+ case SCTP_ASCONF_SUPPORTED:
	8017	+ retval = sctp_getsockopt_asconf_supported(sk, len, optval,
	8018	+ optlen);
	8019	+ break;
	8020	+ case SCTP_AUTH_SUPPORTED:
	8021	+ retval = sctp_getsockopt_auth_supported(sk, len, optval,
	8022	+ optlen);
	8023	+ break;
	8024	+ case SCTP_ECN_SUPPORTED:
	8025	+ retval = sctp_getsockopt_ecn_supported(sk, len, optval, optlen);
	8026	+ break;
	8027	+ case SCTP_EXPOSE_POTENTIALLY_FAILED_STATE:
	8028	+ retval = sctp_getsockopt_pf_expose(sk, len, optval, optlen);
	8029	+ break;
7607	8030	default:
7608	8031	retval = -ENOPROTOOPT;
7609	8032	break;
..	..	@@ -7639,10 +8062,13 @@
7639	8062	static struct sctp_bind_bucket *sctp_bucket_create(
7640	8063	struct sctp_bind_hashbucket head, struct net , unsigned short snum);
7641	8064
7642		-static long sctp_get_port_local(struct sock sk, union sctp_addr addr)
	8065	+static int sctp_get_port_local(struct sock sk, union sctp_addr addr)
7643	8066	{
7644		- bool reuse = (sk->sk_reuse \|\| sctp_sk(sk)->reuse);
	8067	+ struct sctp_sock *sp = sctp_sk(sk);
	8068	+ bool reuse = (sk->sk_reuse \|\| sp->reuse);
7645	8069	struct sctp_bind_hashbucket head; / hash list */
	8070	+ struct net *net = sock_net(sk);
	8071	+ kuid_t uid = sock_i_uid(sk);
7646	8072	struct sctp_bind_bucket *pp;
7647	8073	unsigned short snum;
7648	8074	int ret;
..	..	@@ -7655,7 +8081,6 @@
7655	8081	/* Search for an available port. */
7656	8082	int low, high, remaining, index;
7657	8083	unsigned int rover;
7658		- struct net *net = sock_net(sk);
7659	8084
7660	8085	inet_get_local_port_range(net, &low, &high);
7661	8086	remaining = (high - low) + 1;
..	..	@@ -7667,12 +8092,12 @@
7667	8092	rover = low;
7668	8093	if (inet_is_local_reserved_port(net, rover))
7669	8094	continue;
7670		- index = sctp_phashfn(sock_net(sk), rover);
	8095	+ index = sctp_phashfn(net, rover);
7671	8096	head = &sctp_port_hashtable[index];
7672	8097	spin_lock_bh(&head->lock);
7673	8098	sctp_for_each_hentry(pp, &head->chain)
7674	8099	if ((pp->port == rover) &&
7675		- net_eq(sock_net(sk), pp->net))
	8100	+ net_eq(net, pp->net))
7676	8101	goto next;
7677	8102	break;
7678	8103	next:
..	..	@@ -7697,10 +8122,10 @@
7697	8122	* to the port number (snum) - we detect that with the
7698	8123	* port iterator, pp being NULL.
7699	8124	*/
7700		- head = &sctp_port_hashtable[sctp_phashfn(sock_net(sk), snum)];
	8125	+ head = &sctp_port_hashtable[sctp_phashfn(net, snum)];
7701	8126	spin_lock_bh(&head->lock);
7702	8127	sctp_for_each_hentry(pp, &head->chain) {
7703		- if ((pp->port == snum) && net_eq(pp->net, sock_net(sk)))
	8128	+ if ((pp->port == snum) && net_eq(pp->net, net))
7704	8129	goto pp_found;
7705	8130	}
7706	8131	}
..	..	@@ -7717,7 +8142,10 @@
7717	8142
7718	8143	pr_debug("%s: found a possible match\n", __func__);
7719	8144
7720		- if (pp->fastreuse && reuse && sk->sk_state != SCTP_SS_LISTENING)
	8145	+ if ((pp->fastreuse && reuse &&
	8146	+ sk->sk_state != SCTP_SS_LISTENING) \|\|
	8147	+ (pp->fastreuseport && sk->sk_reuseport &&
	8148	+ uid_eq(pp->fastuid, uid)))
7721	8149	goto success;
7722	8150
7723	8151	/* Run through the list of sockets bound to the port
..	..	@@ -7731,17 +8159,19 @@
7731	8159	* in an endpoint.
7732	8160	*/
7733	8161	sk_for_each_bound(sk2, &pp->owner) {
7734		- struct sctp_endpoint *ep2;
7735		- ep2 = sctp_sk(sk2)->ep;
	8162	+ struct sctp_sock *sp2 = sctp_sk(sk2);
	8163	+ struct sctp_endpoint *ep2 = sp2->ep;
7736	8164
7737	8165	if (sk == sk2 \|\|
7738		- (reuse && (sk2->sk_reuse \|\| sctp_sk(sk2)->reuse) &&
7739		- sk2->sk_state != SCTP_SS_LISTENING))
	8166	+ (reuse && (sk2->sk_reuse \|\| sp2->reuse) &&
	8167	+ sk2->sk_state != SCTP_SS_LISTENING) \|\|
	8168	+ (sk->sk_reuseport && sk2->sk_reuseport &&
	8169	+ uid_eq(uid, sock_i_uid(sk2))))
7740	8170	continue;
7741	8171
7742		- if (sctp_bind_addr_conflict(&ep2->base.bind_addr, addr,
7743		- sctp_sk(sk2), sctp_sk(sk))) {
7744		- ret = (long)sk2;
	8172	+ if (sctp_bind_addr_conflict(&ep2->base.bind_addr,
	8173	+ addr, sp2, sp)) {
	8174	+ ret = 1;
7745	8175	goto fail_unlock;
7746	8176	}
7747	8177	}
..	..	@@ -7751,7 +8181,7 @@
7751	8181	pp_not_found:
7752	8182	/* If there was a hash table miss, create a new port. */
7753	8183	ret = 1;
7754		- if (!pp && !(pp = sctp_bucket_create(head, sock_net(sk), snum)))
	8184	+ if (!pp && !(pp = sctp_bucket_create(head, net, snum)))
7755	8185	goto fail_unlock;
7756	8186
7757	8187	/* In either case (hit or miss), make sure fastreuse is 1 only
..	..	@@ -7763,19 +8193,32 @@
7763	8193	pp->fastreuse = 1;
7764	8194	else
7765	8195	pp->fastreuse = 0;
7766		- } else if (pp->fastreuse &&
7767		- (!reuse \|\| sk->sk_state == SCTP_SS_LISTENING))
7768		- pp->fastreuse = 0;
	8196	+
	8197	+ if (sk->sk_reuseport) {
	8198	+ pp->fastreuseport = 1;
	8199	+ pp->fastuid = uid;
	8200	+ } else {
	8201	+ pp->fastreuseport = 0;
	8202	+ }
	8203	+ } else {
	8204	+ if (pp->fastreuse &&
	8205	+ (!reuse \|\| sk->sk_state == SCTP_SS_LISTENING))
	8206	+ pp->fastreuse = 0;
	8207	+
	8208	+ if (pp->fastreuseport &&
	8209	+ (!sk->sk_reuseport \|\| !uid_eq(pp->fastuid, uid)))
	8210	+ pp->fastreuseport = 0;
	8211	+ }
7769	8212
7770	8213	/* We are set, so fill up all the data in the hash table
7771	8214	* entry, tie the socket list information with the rest of the
7772	8215	* sockets FIXME: Blurry, NPI (ipg).
7773	8216	*/
7774	8217	success:
7775		- if (!sctp_sk(sk)->bind_hash) {
	8218	+ if (!sp->bind_hash) {
7776	8219	inet_sk(sk)->inet_num = snum;
7777	8220	sk_add_bind_node(sk, &pp->owner);
7778		- sctp_sk(sk)->bind_hash = pp;
	8221	+ sp->bind_hash = pp;
7779	8222	}
7780	8223	ret = 0;
7781	8224
..	..	@@ -7797,7 +8240,7 @@
7797	8240	addr.v4.sin_port = htons(snum);
7798	8241
7799	8242	/* Note: sk->sk_num gets filled in if ephemeral port request. */
7800		- return !!sctp_get_port_local(sk, &addr);
	8243	+ return sctp_get_port_local(sk, &addr);
7801	8244	}
7802	8245
7803	8246	/*
..	..	@@ -7844,9 +8287,8 @@
7844	8287	}
7845	8288	}
7846	8289
7847		- sk->sk_max_ack_backlog = backlog;
7848		- sctp_hash_endpoint(ep);
7849		- return 0;
	8290	+ WRITE_ONCE(sk->sk_max_ack_backlog, backlog);
	8291	+ return sctp_hash_endpoint(ep);
7850	8292	}
7851	8293
7852	8294	/*
..	..	@@ -7899,7 +8341,7 @@
7899	8341
7900	8342	/* If we are already listening, just update the backlog */
7901	8343	if (sctp_sstate(sk, LISTENING))
7902		- sk->sk_max_ack_backlog = backlog;
	8344	+ WRITE_ONCE(sk->sk_max_ack_backlog, backlog);
7903	8345	else {
7904	8346	err = sctp_listen_start(sk, backlog);
7905	8347	if (err)
..	..	@@ -8438,17 +8880,11 @@
8438	8880	struct sctp_association *asoc = chunk->asoc;
8439	8881	struct sock *sk = asoc->base.sk;
8440	8882
8441		- asoc->sndbuf_used -= SCTP_DATA_SNDSIZE(chunk) +
8442		- sizeof(struct sk_buff) +
8443		- sizeof(struct sctp_chunk);
8444		-
8445		- WARN_ON(refcount_sub_and_test(sizeof(struct sctp_chunk), &sk->sk_wmem_alloc));
8446		-
8447		- /*
8448		- * This undoes what is done via sctp_set_owner_w and sk_mem_charge
8449		- */
8450		- sk->sk_wmem_queued -= skb->truesize;
8451	8883	sk_mem_uncharge(sk, skb->truesize);
	8884	+ sk->sk_wmem_queued -= skb->truesize + sizeof(struct sctp_chunk);
	8885	+ asoc->sndbuf_used -= skb->truesize + sizeof(struct sctp_chunk);
	8886	+ WARN_ON(refcount_sub_and_test(sizeof(struct sctp_chunk),
	8887	+ &sk->sk_wmem_alloc));
8452	8888
8453	8889	if (chunk->shkey) {
8454	8890	struct sctp_shared_key *shkey = chunk->shkey;
..	..	@@ -8801,22 +9237,19 @@
8801	9237	static inline void sctp_copy_descendant(struct sock *sk_to,
8802	9238	const struct sock *sk_from)
8803	9239	{
8804		- int ancestor_size = sizeof(struct inet_sock) +
8805		- sizeof(struct sctp_sock) -
8806		- offsetof(struct sctp_sock, auto_asconf_list);
	9240	+ size_t ancestor_size = sizeof(struct inet_sock);
8807	9241
8808		- if (sk_from->sk_family == PF_INET6)
8809		- ancestor_size += sizeof(struct ipv6_pinfo);
8810		-
	9242	+ ancestor_size += sk_from->sk_prot->obj_size;
	9243	+ ancestor_size -= offsetof(struct sctp_sock, pd_lobby);
8811	9244	__inet_sk_copy_descendant(sk_to, sk_from, ancestor_size);
8812	9245	}
8813	9246
8814	9247	/* Populate the fields of the newsk from the oldsk and migrate the assoc
8815	9248	* and its messages to the newsk.
8816	9249	*/
8817		-static void sctp_sock_migrate(struct sock oldsk, struct sock newsk,
8818		- struct sctp_association *assoc,
8819		- enum sctp_socket_type type)
	9250	+static int sctp_sock_migrate(struct sock oldsk, struct sock newsk,
	9251	+ struct sctp_association *assoc,
	9252	+ enum sctp_socket_type type)
8820	9253	{
8821	9254	struct sctp_sock *oldsp = sctp_sk(oldsk);
8822	9255	struct sctp_sock *newsp = sctp_sk(newsk);
..	..	@@ -8825,6 +9258,7 @@
8825	9258	struct sk_buff skb, tmp;
8826	9259	struct sctp_ulpevent *event;
8827	9260	struct sctp_bind_hashbucket *head;
	9261	+ int err;
8828	9262
8829	9263	/* Migrate socket buffer sizes and all the socket level options to the
8830	9264	* new socket.
..	..	@@ -8853,8 +9287,20 @@
8853	9287	/* Copy the bind_addr list from the original endpoint to the new
8854	9288	* endpoint so that we can handle restarts properly
8855	9289	*/
8856		- sctp_bind_addr_dup(&newsp->ep->base.bind_addr,
8857		- &oldsp->ep->base.bind_addr, GFP_KERNEL);
	9290	+ err = sctp_bind_addr_dup(&newsp->ep->base.bind_addr,
	9291	+ &oldsp->ep->base.bind_addr, GFP_KERNEL);
	9292	+ if (err)
	9293	+ return err;
	9294	+
	9295	+ /* New ep's auth_hmacs should be set if old ep's is set, in case
	9296	+ * that net->sctp.auth_enable has been changed to 0 by users and
	9297	+ * new ep's auth_hmacs couldn't be set in sctp_endpoint_init().
	9298	+ */
	9299	+ if (oldsp->ep->auth_hmacs) {
	9300	+ err = sctp_auth_init_hmacs(newsp->ep, GFP_KERNEL);
	9301	+ if (err)
	9302	+ return err;
	9303	+ }
8858	9304
8859	9305	sctp_auto_asconf_init(newsp);
8860	9306
..	..	@@ -8876,7 +9322,6 @@
8876	9322	* 2) Peeling off partial delivery; keep pd_lobby in new pd_lobby.
8877	9323	* 3) Peeling off non-partial delivery; move pd_lobby to receive_queue.
8878	9324	*/
8879		- skb_queue_head_init(&newsp->pd_lobby);
8880	9325	atomic_set(&sctp_sk(newsk)->pd_mode, assoc->ulpq.pd_mode);
8881	9326
8882	9327	if (atomic_read(&sctp_sk(oldsk)->pd_mode)) {
..	..	@@ -8941,6 +9386,8 @@
8941	9386	}
8942	9387
8943	9388	release_sock(newsk);
	9389	+
	9390	+ return 0;
8944	9391	}
8945	9392
8946	9393
..	..	@@ -8960,6 +9407,7 @@
8960	9407	.sendmsg = sctp_sendmsg,
8961	9408	.recvmsg = sctp_recvmsg,
8962	9409	.bind = sctp_bind,
	9410	+ .bind_add = sctp_bind_add,
8963	9411	.backlog_rcv = sctp_backlog_rcv,
8964	9412	.hash = sctp_hash,
8965	9413	.unhash = sctp_unhash,
..	..	@@ -9002,6 +9450,7 @@
9002	9450	.sendmsg = sctp_sendmsg,
9003	9451	.recvmsg = sctp_recvmsg,
9004	9452	.bind = sctp_bind,
	9453	+ .bind_add = sctp_bind_add,
9005	9454	.backlog_rcv = sctp_backlog_rcv,
9006	9455	.hash = sctp_hash,
9007	9456	.unhash = sctp_unhash,